diff --git a/docs/architecture/psa-migration/outcome-analysis.sh b/docs/architecture/psa-migration/outcome-analysis.sh index 6aab6bd04..a3f9f7ced 100755 --- a/docs/architecture/psa-migration/outcome-analysis.sh +++ b/docs/architecture/psa-migration/outcome-analysis.sh @@ -35,7 +35,6 @@ reference_config () { scripts/config.py unset MBEDTLS_PKCS1_V21 scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT scripts/config.py unset MBEDTLS_PKCS5_C - scripts/config.py unset MBEDTLS_PKCS12_C scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC } # Space-separated list of test suites of interest. diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 165bb097a..ae5090bb9 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -159,7 +159,8 @@ #error "MBEDTLS_PKCS5_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_PKCS12_C) && !defined(MBEDTLS_MD_C) +#if defined(MBEDTLS_PKCS12_C) && \ + !( defined(MBEDTLS_MD_C) || defined(MBEDTLS_PSA_CRYPTO_C) ) #error "MBEDTLS_PKCS12_C defined, but not all prerequisites" #endif diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index ad0e5992a..42c4741e3 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -2664,7 +2664,11 @@ * Module: library/pkcs12.c * Caller: library/pkparse.c * - * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C + * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C and either + * MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C. + * + * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init() + * before doing any PKCS12 operation. * * This module enables PKCS#12 functions. */ diff --git a/library/pkcs12.c b/library/pkcs12.c index e725a97cc..8dd5f7490 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -39,6 +39,9 @@ #include "mbedtls/des.h" #endif +#include "hash_info.h" +#include "mbedtls/psa_util.h" + #if defined(MBEDTLS_ASN1_PARSE_C) static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params, @@ -209,6 +212,108 @@ static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, } } + +static int calculate_hashes( mbedtls_md_type_t md_type, int iterations, + unsigned char *diversifier, unsigned char *salt_block, + unsigned char *pwd_block, unsigned char *hash_output, int use_salt, + int use_password, size_t hlen, size_t v ) +{ +#if defined(MBEDTLS_MD_C) + int ret = -1; + size_t i; + const mbedtls_md_info_t *md_info; + mbedtls_md_context_t md_ctx; + md_info = mbedtls_md_info_from_type( md_type ); + if( md_info == NULL ) + return ( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); + + mbedtls_md_init( &md_ctx ); + + if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 ) + return ( ret ); + // Calculate hash( diversifier || salt_block || pwd_block ) + if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 ) + goto exit; + + if( ( ret = mbedtls_md_update( &md_ctx, diversifier, v ) ) != 0 ) + goto exit; + + if( use_salt != 0 ) + { + if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v ) ) != 0 ) + goto exit; + } + + if( use_password != 0 ) + { + if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v ) ) != 0 ) + goto exit; + } + + if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 ) + goto exit; + + // Perform remaining ( iterations - 1 ) recursive hash calculations + for( i = 1; i < (size_t) iterations; i++ ) + { + if( ( ret = mbedtls_md( md_info, hash_output, hlen, hash_output ) ) + != 0 ) + goto exit; + } + +exit: + mbedtls_md_free( &md_ctx ); + return ret; +#else + psa_hash_operation_t op = PSA_HASH_OPERATION_INIT; + psa_algorithm_t alg = mbedtls_psa_translate_md( md_type ); + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t status_abort = PSA_ERROR_CORRUPTION_DETECTED; + size_t i, out_len, out_size = PSA_HASH_LENGTH( alg ); + + if( alg == PSA_ALG_NONE ) + return ( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); + + if( ( status = psa_hash_setup( &op, alg ) ) != PSA_SUCCESS ) + goto exit; + + // Calculate hash( diversifier || salt_block || pwd_block ) + if( ( status = psa_hash_update( &op, diversifier, v ) ) != PSA_SUCCESS ) + goto exit; + + if( use_salt != 0 ) + { + if( ( status = psa_hash_update( &op, salt_block, v ) ) != PSA_SUCCESS ) + goto exit; + } + + if( use_password != 0 ) + { + if( ( status = psa_hash_update( &op, pwd_block, v ) ) != PSA_SUCCESS ) + goto exit; + } + + if( ( status = psa_hash_finish( &op, hash_output, out_size, &out_len ) ) + != PSA_SUCCESS ) + goto exit; + + // Perform remaining ( iterations - 1 ) recursive hash calculations + for( i = 1; i < (size_t) iterations; i++ ) + { + if( ( status = psa_hash_compute( alg, hash_output, hlen, hash_output, + out_size, &out_len ) ) != PSA_SUCCESS ) + goto exit; + } + +exit: + status_abort = psa_hash_abort( &op ); + if( status == PSA_SUCCESS ) + status = status_abort; + return ( mbedtls_md_error_from_psa( status ) ); +#endif /* !MBEDTLS_MD_C */ +} + + int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, const unsigned char *pwd, size_t pwdlen, const unsigned char *salt, size_t saltlen, @@ -227,9 +332,6 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, size_t hlen, use_len, v, i; - const mbedtls_md_info_t *md_info; - mbedtls_md_context_t md_ctx; - // This version only allows max of 64 bytes of password or salt if( datalen > 128 || pwdlen > 64 || saltlen > 64 ) return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); @@ -243,15 +345,7 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, use_password = ( pwd && pwdlen != 0 ); use_salt = ( salt && saltlen != 0 ); - md_info = mbedtls_md_info_from_type( md_type ); - if( md_info == NULL ) - return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE ); - - mbedtls_md_init( &md_ctx ); - - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 ) - return( ret ); - hlen = mbedtls_md_get_size( md_info ); + hlen = mbedtls_hash_info_get_size( md_type ); if( hlen <= 32 ) v = 64; @@ -273,33 +367,11 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, p = data; while( datalen > 0 ) { - // Calculate hash( diversifier || salt_block || pwd_block ) - if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 ) - goto exit; - - if( ( ret = mbedtls_md_update( &md_ctx, diversifier, v ) ) != 0 ) - goto exit; - - if( use_salt != 0 ) + if( calculate_hashes( md_type, iterations, diversifier, salt_block, + pwd_block, hash_output, use_salt, use_password, hlen, + v ) != 0 ) { - if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v )) != 0 ) - goto exit; - } - - if( use_password != 0) - { - if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v )) != 0 ) - goto exit; - } - - if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 ) goto exit; - - // Perform remaining ( iterations - 1 ) recursive hash calculations - for( i = 1; i < (size_t) iterations; i++ ) - { - if( ( ret = mbedtls_md( md_info, hash_output, hlen, hash_output ) ) != 0 ) - goto exit; } use_len = ( datalen > hlen ) ? hlen : datalen; @@ -351,8 +423,6 @@ exit: mbedtls_platform_zeroize( hash_block, sizeof( hash_block ) ); mbedtls_platform_zeroize( hash_output, sizeof( hash_output ) ); - mbedtls_md_free( &md_ctx ); - return( ret ); } diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 03561390e..09b898789 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1211,7 +1211,6 @@ component_test_crypto_full_no_md () { scripts/config.py unset MBEDTLS_HKDF_C scripts/config.py unset MBEDTLS_HMAC_DRBG_C scripts/config.py unset MBEDTLS_PKCS5_C - scripts/config.py unset MBEDTLS_PKCS12_C # Indirect dependencies scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC make @@ -1871,7 +1870,6 @@ component_test_psa_crypto_config_accel_hash_use_psa () { scripts/config.py unset MBEDTLS_HKDF_C scripts/config.py unset MBEDTLS_HMAC_DRBG_C scripts/config.py unset MBEDTLS_PKCS5_C - scripts/config.py unset MBEDTLS_PKCS12_C scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_DETERMINISTIC_ECDSA # TLS currently depends on MD_C diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data index a8c4bab35..601b5bbc6 100644 --- a/tests/suites/test_suite_pkcs12.data +++ b/tests/suites/test_suite_pkcs12.data @@ -1,35 +1,35 @@ PKCS#12 derive key : MD5: Zero length password and hash -depends_on:MBEDTLS_MD5_C +depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:"6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b":0 PKCS#12 derive key: MD5: NULL password and hash -depends_on:MBEDTLS_MD5_C +depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"":USE_NULL_INPUT:3:"6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b":0 PKCS#12 derive key: MD5: Zero length password -depends_on:MBEDTLS_MD5_C +depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 PKCS#12 derive key: MD5: NULL password -depends_on:MBEDTLS_MD5_C +depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 PKCS#12 derive key: MD5: Invalid length NULL password -depends_on:MBEDTLS_MD5_C +depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"":MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA PKCS#12 derive key: MD5: Zero length salt -depends_on:MBEDTLS_MD5_C +depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 PKCS#12 derive key: MD5: NULL salt -depends_on:MBEDTLS_MD5_C +depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_NULL_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 PKCS#12 derive key: MD5: Invalid length NULL salt -depends_on:MBEDTLS_MD5_C +depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_NULL_INPUT:3:"":MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA PKCS#12 derive key: MD5: Valid password and salt -depends_on:MBEDTLS_MD5_C +depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"46559deeee036836ab1b633ec620178d4c70eacf42f72a2ad7360c812efa09ca3d7567b489a109050345c2dc6a262995":0 diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index 54dc042c3..34ef090ba 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -2,6 +2,8 @@ #include "mbedtls/pkcs12.h" #include "common.h" +#include "legacy_or_psa.h" + typedef enum { USE_NULL_INPUT = 0, diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index 7bf5f9269..9aec77693 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -75,99 +75,99 @@ depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C pk_parse_keyfile_rsa:"data_files/format_gen.key":"":0 Parse RSA Key #20 (PKCS#8 encrypted SHA1-3DES) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_3des.pem":"PolarSSLTest":0 Parse RSA Key #20.1 (PKCS#8 encrypted SHA1-3DES, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #20.2 (PKCS#8 encrypted SHA1-3DES, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #21 (PKCS#8 encrypted SHA1-3DES, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_3des.pem":"PolarSSLTest":0 Parse RSA Key #21.1 (PKCS#8 encrypted SHA1-3DES, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #21.2 (PKCS#8 encrypted SHA1-3DES, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #22 (PKCS#8 encrypted SHA1-3DES, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_3des.pem":"PolarSSLTest":0 Parse RSA Key #22.1 (PKCS#8 encrypted SHA1-3DES, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #22.2 (PKCS#8 encrypted SHA1-3DES, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #23 (PKCS#8 encrypted SHA1-3DES DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_3des.der":"PolarSSLTest":0 Parse RSA Key #24 (PKCS#8 encrypted SHA1-3DES DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_3des.der":"PolarSSLTest":0 Parse RSA Key #25 (PKCS#8 encrypted SHA1-3DES DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_3des.der":"PolarSSLTest":0 Parse RSA Key #26 (PKCS#8 encrypted SHA1-2DES) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_2des.pem":"PolarSSLTest":0 Parse RSA Key #26.1 (PKCS#8 encrypted SHA1-2DES, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_2des.pem":"PolarSLTest":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #26.2 (PKCS#8 encrypted SHA1-2DES, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_2des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #27 (PKCS#8 encrypted SHA1-2DES, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_2des.pem":"PolarSSLTest":0 Parse RSA Key #27.1 (PKCS#8 encrypted SHA1-2DES, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_2des.pem":"PolarSLTest":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #27.2 (PKCS#8 encrypted SHA1-2DES, 2048-bit no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_2des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #28 (PKCS#8 encrypted SHA1-2DES, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.pem":"PolarSSLTest":0 Parse RSA Key #28.1 (PKCS#8 encrypted SHA1-2DES, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.pem":"PolarSLTest":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #28.2 (PKCS#8 encrypted SHA1-2DES, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #29 (PKCS#8 encrypted SHA1-2DES DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_2des.der":"PolarSSLTest":0 Parse RSA Key #30 (PKCS#8 encrypted SHA1-2DES DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_2des.der":"PolarSSLTest":0 Parse RSA Key #31 (PKCS#8 encrypted SHA1-2DES DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.der":"PolarSSLTest":0 Parse RSA Key #38 (PKCS#8 encrypted v2 PBKDF2 3DES)