From 6de7a179c882b0b6484ae79e2e326fc7c5e941de Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 17:51:17 +0200
Subject: [PATCH 01/20] Fix file permissions

Some files were marked as executable but shouldn't have been.
---
 include/psa/crypto.h | 0
 library/psa_crypto.c | 0
 2 files changed, 0 insertions(+), 0 deletions(-)
 mode change 100755 => 100644 include/psa/crypto.h
 mode change 100755 => 100644 library/psa_crypto.c

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
old mode 100755
new mode 100644
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
old mode 100755
new mode 100644

From 2d2778650b04edb0791217ce6c31c42f1844d092 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 15:41:12 +0200
Subject: [PATCH 02/20] Normalize whitespace

Normalize whitespace to Mbed TLS standards. There are only whitespace
changes in this commit.
---
 include/psa/crypto.h                        |   4 +-
 include/psa/crypto_struct.h                 |   5 +-
 library/psa_crypto.c                        | 165 ++++++------
 tests/suites/test_suite_psa_crypto.function | 270 ++++++++++----------
 4 files changed, 225 insertions(+), 219 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 94060c1eb..c513b24c2 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1304,8 +1304,8 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
 psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
                                const uint8_t *input,
                                size_t input_length,
-                               unsigned char *output, 
-                               size_t output_size, 
+                               unsigned char *output,
+                               size_t output_size,
                                size_t *output_length);
 
 psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index f554b6eab..4b0f9799b 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -48,7 +48,7 @@
 #if defined(MBEDTLS_SHA512_C)
 #define PSA_CRYPTO_MD_MAX_SIZE 64
 #define PSA_CRYPTO_MD_BLOCK_SIZE 128
-#else 
+#else
 #define PSA_CRYPTO_MD_MAX_SIZE 32
 #define PSA_CRYPTO_MD_BLOCK_SIZE 64
 #endif
@@ -84,7 +84,8 @@ struct psa_hash_operation_s
 };
 
 
-typedef struct {
+typedef struct
+{
         /** The hash context. */
         struct psa_hash_operation_s hash_ctx;
         /** The HMAC part of the context. */
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 4a256988b..954895910 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -94,12 +94,15 @@ static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
  * The value is a compile-time constant for now, for simplicity. */
 #define MBEDTLS_PSA_KEY_SLOT_COUNT 32
 
-typedef struct {
+typedef struct
+{
     psa_key_type_t type;
     psa_key_policy_t policy;
     psa_key_lifetime_t lifetime;
-    union {
-        struct raw_data {
+    union
+    {
+        struct raw_data
+        {
             uint8_t *data;
             size_t bytes;
         } raw;
@@ -112,7 +115,8 @@ typedef struct {
     } data;
 } key_slot_t;
 
-typedef struct {
+typedef struct
+{
     int initialized;
     mbedtls_entropy_context entropy;
     mbedtls_ctr_drbg_context ctr_drbg;
@@ -305,10 +309,10 @@ static psa_status_t mbedtls_to_psa_error( int ret )
 /* Key management */
 /****************************************************************/
 
-psa_status_t psa_import_key(psa_key_slot_t key,
-                            psa_key_type_t type,
-                            const uint8_t *data,
-                            size_t data_length)
+psa_status_t psa_import_key( psa_key_slot_t key,
+                             psa_key_type_t type,
+                             const uint8_t *data,
+                             size_t data_length )
 {
     key_slot_t *slot;
 
@@ -380,7 +384,7 @@ psa_status_t psa_import_key(psa_key_slot_t key,
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_destroy_key(psa_key_slot_t key)
+psa_status_t psa_destroy_key( psa_key_slot_t key )
 {
     key_slot_t *slot;
 
@@ -424,9 +428,9 @@ psa_status_t psa_destroy_key(psa_key_slot_t key)
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_get_key_information(psa_key_slot_t key,
-                                     psa_key_type_t *type,
-                                     size_t *bits)
+psa_status_t psa_get_key_information( psa_key_slot_t key,
+                                      psa_key_type_t *type,
+                                      size_t *bits )
 {
     key_slot_t *slot;
 
@@ -472,11 +476,11 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
     return( PSA_SUCCESS );
 }
 
-static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
-                                             uint8_t *data,
-                                             size_t data_size,
-                                             size_t *data_length,
-                                             int export_public_key)
+static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
+                                              uint8_t *data,
+                                              size_t data_size,
+                                              size_t *data_length,
+                                              int export_public_key )
 {
     key_slot_t *slot;
 
@@ -492,7 +496,7 @@ static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
     if( ( !export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) ) &&
         ( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) ) )
         return( PSA_ERROR_NOT_PERMITTED );
-    
+
     if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
     {
         if( slot->data.raw.bytes > data_size )
@@ -542,23 +546,23 @@ static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
     }
 }
 
-psa_status_t psa_export_key(psa_key_slot_t key,
-                            uint8_t *data,
-                            size_t data_size,
-                            size_t *data_length)
+psa_status_t psa_export_key( psa_key_slot_t key,
+                             uint8_t *data,
+                             size_t data_size,
+                             size_t *data_length )
 {
     return psa_internal_export_key( key, data, data_size,
-                                  data_length, 0 );
+                                    data_length, 0 );
 }
 
 
-psa_status_t psa_export_public_key(psa_key_slot_t key,
-                                   uint8_t *data,
-                                   size_t data_size,
-                                   size_t *data_length)
+psa_status_t psa_export_public_key( psa_key_slot_t key,
+                                    uint8_t *data,
+                                    size_t data_size,
+                                    size_t *data_length )
 {
     return psa_internal_export_key( key, data, data_size,
-                                   data_length, 1 );
+                                    data_length, 1 );
 }
 
 /****************************************************************/
@@ -884,9 +888,9 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
     }
 }
 
-psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
-                             const uint8_t *hash,
-                             size_t hash_length)
+psa_status_t psa_hash_verify( psa_hash_operation_t *operation,
+                              const uint8_t *hash,
+                              size_t hash_length )
 {
     uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE];
     size_t actual_hash_length;
@@ -912,7 +916,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
 static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
     psa_algorithm_t alg,
     psa_key_type_t key_type,
-    size_t key_bits, 
+    size_t key_bits,
     mbedtls_cipher_id_t* cipher_id )
 {
     mbedtls_cipher_mode_t mode;
@@ -987,7 +991,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
 
 static size_t psa_get_hash_block_size( psa_algorithm_t alg )
 {
-    switch(alg)
+    switch( alg )
     {
         case PSA_ALG_MD2:
             return( 16 );
@@ -1006,9 +1010,9 @@ static size_t psa_get_hash_block_size( psa_algorithm_t alg )
         case PSA_ALG_SHA_384:
             return( 128 );
         case PSA_ALG_SHA_512:
-            return ( 128 );
-        default: 
-            return ( 0 );
+            return( 128 );
+        default:
+            return( 0 );
     }
 }
 
@@ -1032,8 +1036,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
                     return( PSA_ERROR_NOT_SUPPORTED );
 
                 psa_hash_abort( &operation->ctx.hmac.hash_ctx );
-                mbedtls_zeroize( operation->ctx.hmac.opad,
-                                     block_size);
+                mbedtls_zeroize( operation->ctx.hmac.opad, block_size );
             }
             else
 #endif /* MBEDTLS_MD_C */
@@ -1241,7 +1244,7 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
             if( PSA_ALG_IS_HMAC( operation->alg ) )
             {
                 status = psa_hash_update( &operation->ctx.hmac.hash_ctx, input,
-                                                input_length );
+                                          input_length );
             }
             else
 #endif /* MBEDTLS_MD_C */
@@ -1250,10 +1253,10 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
             }
             break;
     }
-    if ( ( ret != 0 ) || ( status != PSA_SUCCESS ) )
+    if( ( ret != 0 ) || ( status != PSA_SUCCESS ) )
     {
         psa_mac_abort( operation );
-        if ( ret != 0 )
+        if( ret != 0 )
             status = mbedtls_to_psa_error( ret );
     }
 
@@ -1261,9 +1264,9 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
 }
 
 static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
-                             uint8_t *mac,
-                             size_t mac_size,
-                             size_t *mac_length )
+                                             uint8_t *mac,
+                                             size_t mac_size,
+                                             size_t *mac_length )
 {
     int ret = 0;
     psa_status_t status = PSA_SUCCESS;
@@ -1296,7 +1299,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                 unsigned char *opad = operation->ctx.hmac.opad;
                 size_t hash_size = 0;
                 size_t block_size =
-                psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
+                    psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
 
                 if( block_size == 0 )
                     return( PSA_ERROR_NOT_SUPPORTED );
@@ -1318,7 +1321,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                     goto hmac_cleanup;
 
                 status = psa_hash_update( &operation->ctx.hmac.hash_ctx, tmp,
-                                          hash_size);
+                                          hash_size );
                 if( status != PSA_SUCCESS )
                     goto hmac_cleanup;
 
@@ -1336,7 +1339,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
     }
 cleanup:
 
-    if( ( ret == 0 ) && (status == PSA_SUCCESS) )
+    if( ( ret == 0 ) && ( status == PSA_SUCCESS ) )
     {
         return( psa_mac_abort( operation ) );
     }
@@ -1344,7 +1347,7 @@ cleanup:
     {
         psa_mac_abort( operation );
         if( ret != 0 )
-            status = mbedtls_to_psa_error(ret);
+            status = mbedtls_to_psa_error( ret );
 
         return status;
     }
@@ -1362,9 +1365,9 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
                                      mac_size, mac_length ) );
 }
 
-#define MBEDTLS_PSA_MAC_MAX_SIZE                       \
-    ( MBEDTLS_MD_MAX_SIZE > MBEDTLS_MAX_BLOCK_LENGTH ? \
-      MBEDTLS_MD_MAX_SIZE :                            \
+#define MBEDTLS_PSA_MAC_MAX_SIZE                        \
+    ( MBEDTLS_MD_MAX_SIZE > MBEDTLS_MAX_BLOCK_LENGTH ?  \
+      MBEDTLS_MD_MAX_SIZE :                             \
       MBEDTLS_MAX_BLOCK_LENGTH )
 psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
                              const uint8_t *mac,
@@ -1598,7 +1601,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
     {
         mbedtls_ecp_keypair *ecdsa = slot->data.ecp;
         int ret;
-        (void)alg;
+        (void) alg;
         ret = mbedtls_ecdsa_read_signature( ecdsa, hash, hash_length,
                                             signature, signature_size );
         return( mbedtls_to_psa_error( ret ) );
@@ -2015,31 +2018,31 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
 /* Key Policy */
 /****************************************************************/
 
-void psa_key_policy_init(psa_key_policy_t *policy)
+void psa_key_policy_init( psa_key_policy_t *policy )
 {
     memset( policy, 0, sizeof( psa_key_policy_t ) );
 }
 
-void psa_key_policy_set_usage(psa_key_policy_t *policy,
-                              psa_key_usage_t usage,
-                              psa_algorithm_t alg)
+void psa_key_policy_set_usage( psa_key_policy_t *policy,
+                               psa_key_usage_t usage,
+                               psa_algorithm_t alg )
 {
     policy->usage = usage;
     policy->alg = alg;
 }
 
-psa_key_usage_t psa_key_policy_get_usage(psa_key_policy_t *policy)
+psa_key_usage_t psa_key_policy_get_usage( psa_key_policy_t *policy )
 {
     return( policy->usage );
 }
 
-psa_algorithm_t psa_key_policy_get_algorithm(psa_key_policy_t *policy)
+psa_algorithm_t psa_key_policy_get_algorithm( psa_key_policy_t *policy )
 {
     return( policy->alg );
 }
 
-psa_status_t psa_set_key_policy(psa_key_slot_t key,
-                                const psa_key_policy_t *policy)
+psa_status_t psa_set_key_policy( psa_key_slot_t key,
+                                 const psa_key_policy_t *policy )
 {
     key_slot_t *slot;
 
@@ -2051,8 +2054,8 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key,
         return( PSA_ERROR_OCCUPIED_SLOT );
 
     if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT
-                        | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN
-                        | PSA_KEY_USAGE_VERIFY ) ) != 0 )
+                             | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN
+                             | PSA_KEY_USAGE_VERIFY ) ) != 0 )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot->policy = *policy;
@@ -2060,8 +2063,8 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key,
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_get_key_policy(psa_key_slot_t key,
-                                psa_key_policy_t *policy)
+psa_status_t psa_get_key_policy( psa_key_slot_t key,
+                                 psa_key_policy_t *policy )
 {
     key_slot_t *slot;
 
@@ -2081,8 +2084,8 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key,
 /* Key Lifetime */
 /****************************************************************/
 
-psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
-                                  psa_key_lifetime_t *lifetime)
+psa_status_t psa_get_key_lifetime( psa_key_slot_t key,
+                                   psa_key_lifetime_t *lifetime )
 {
     key_slot_t *slot;
 
@@ -2096,8 +2099,8 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
-                                  const psa_key_lifetime_t lifetime)
+psa_status_t psa_set_key_lifetime( psa_key_slot_t key,
+                                   const psa_key_lifetime_t lifetime )
 {
     key_slot_t *slot;
 
@@ -2146,7 +2149,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     size_t tag_length;
     mbedtls_cipher_id_t cipher_id;
     const mbedtls_cipher_info_t *cipher_info = NULL;
-    
+
     *ciphertext_length = 0;
 
     status = psa_get_key_information( key, &key_type, &key_bits );
@@ -2154,18 +2157,18 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         return( status );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
-            return( PSA_ERROR_EMPTY_SLOT );
+        return( PSA_ERROR_EMPTY_SLOT );
 
     cipher_info = mbedtls_cipher_info_from_psa( alg, key_type,
                                                 key_bits, &cipher_id );
     if( cipher_info == NULL )
-            return( PSA_ERROR_NOT_SUPPORTED );
+        return( PSA_ERROR_NOT_SUPPORTED );
 
     if( !( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) )
         return( PSA_ERROR_NOT_PERMITTED );
 
-    if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
-           PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
+    if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
+        PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( alg == PSA_ALG_GCM )
@@ -2238,13 +2241,13 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }
-    
+
     if( ret != 0 )
     {
         memset( ciphertext, 0, ciphertext_size );
         return( mbedtls_to_psa_error( ret ) );
     }
-    
+
     *ciphertext_length = plaintext_length + tag_length;
     return( PSA_SUCCESS );
 }
@@ -2291,7 +2294,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     size_t tag_length;
     mbedtls_cipher_id_t cipher_id;
     const mbedtls_cipher_info_t *cipher_info = NULL;
-    
+
     *plaintext_length = 0;
 
     status = psa_get_key_information( key, &key_type, &key_bits );
@@ -2299,18 +2302,18 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         return( status );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
-            return( PSA_ERROR_EMPTY_SLOT );
+        return( PSA_ERROR_EMPTY_SLOT );
 
     cipher_info = mbedtls_cipher_info_from_psa( alg, key_type,
                                                 key_bits, &cipher_id );
     if( cipher_info == NULL )
-            return( PSA_ERROR_NOT_SUPPORTED );
-    
+        return( PSA_ERROR_NOT_SUPPORTED );
+
     if( !( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) )
         return( PSA_ERROR_NOT_PERMITTED );
 
-    if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != 
-         PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
+    if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
+        PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( alg == PSA_ALG_GCM )
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index cb9301ab6..5a68074e4 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -4,9 +4,9 @@
 #include "mbedtls/md.h"
 
 #if(UINT32_MAX > SIZE_MAX)
-#define PSA_CRYPTO_TEST_SIZE_T_RANGE(x) ((x) <= SIZE_MAX)
+#define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) ( ( x ) <= SIZE_MAX )
 #else
-#define PSA_CRYPTO_TEST_SIZE_T_RANGE(x) 1
+#define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) 1
 #endif
 /* END_HEADER */
 
@@ -16,7 +16,7 @@
  */
 
 /* BEGIN_CASE */
-void init_deinit()
+void init_deinit( )
 {
     psa_status_t status;
     int i;
@@ -148,11 +148,11 @@ exit:
 
 /* BEGIN_CASE */
 void import_export_public_key( data_t *data,
-                                int type_arg,
-                                int alg_arg,
-                                int expected_bits,
-                                int public_key_expected_length,
-                                int expected_export_status )
+                               int type_arg,
+                               int alg_arg,
+                               int expected_bits,
+                               int public_key_expected_length,
+                               int expected_export_status )
 {
     int slot = 1;
     psa_key_type_t type = type_arg;
@@ -182,18 +182,18 @@ void import_export_public_key( data_t *data,
     /* Import the key */
     TEST_ASSERT( psa_import_key( slot, type,
                                  data->x, (size_t) data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
     /* Test the key information */
     TEST_ASSERT( psa_get_key_information( slot,
-                 &got_type, &got_bits ) == PSA_SUCCESS );
+                                          &got_type, &got_bits ) == PSA_SUCCESS );
     TEST_ASSERT( got_type == type );
     TEST_ASSERT( got_bits == (size_t) expected_bits );
 
     /* Export the key */
     status = psa_export_public_key( slot,
-                             exported, export_size,
-                             &exported_length );
+                                    exported, export_size,
+                                    &exported_length );
     TEST_ASSERT( status == (psa_status_t) expected_export_status );
     if( status != PSA_SUCCESS )
         goto destroy;
@@ -230,7 +230,7 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
     TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_update( &operation,
                                   input->x, (size_t) input->len ) ==
-                                  PSA_SUCCESS );
+                 PSA_SUCCESS );
     TEST_ASSERT( psa_hash_finish( &operation,
                                   actual_hash, sizeof( actual_hash ),
                                   &actual_hash_length ) == PSA_SUCCESS );
@@ -259,11 +259,11 @@ void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
     TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_update( &operation,
                                   input->x, (size_t) input->len ) ==
-                                  PSA_SUCCESS );
+                 PSA_SUCCESS );
     TEST_ASSERT( psa_hash_verify( &operation,
                                   expected_hash->x,
                                   (size_t) expected_hash->len ) ==
-                                  PSA_SUCCESS );
+                 PSA_SUCCESS );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -305,7 +305,7 @@ void mac_verify( int key_type_arg, data_t *key,
     TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
     TEST_ASSERT( psa_mac_update( &operation,
                                  input->x, (size_t) input->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
     TEST_ASSERT( psa_mac_verify( &operation,
                                  expected_mac->x,
                                  (size_t) expected_mac->len ) == PSA_SUCCESS );
@@ -441,7 +441,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( total_output_length == (size_t) expected_output->len );
     TEST_ASSERT( memcmp( expected_output->x, output,
-                        (size_t) expected_output->len ) == 0 );
+                         (size_t) expected_output->len ) == 0 );
 
 exit:
     mbedtls_free( output );
@@ -510,8 +510,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
     TEST_ASSERT( total_output_length == (size_t) expected_output->len );
-    TEST_ASSERT( memcmp( expected_output->x, output, 
-                        (size_t) expected_output->len ) == 0 );
+    TEST_ASSERT( memcmp( expected_output->x, output,
+                         (size_t) expected_output->len ) == 0 );
 
 exit:
     mbedtls_free( output );
@@ -776,8 +776,8 @@ exit:
 
 /* BEGIN_CASE */
 void aead_encrypt_decrypt( int key_type_arg, data_t * key_data,
-                int alg_arg, data_t * input_data, data_t * nonce,
-                data_t * additional_data, int expected_result_arg )
+                           int alg_arg, data_t * input_data, data_t * nonce,
+                           data_t * additional_data, int expected_result_arg )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -816,13 +816,13 @@ void aead_encrypt_decrypt( int key_type_arg, data_t * key_data,
                                  key_data->x, (size_t) key_data->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_aead_encrypt( slot, alg,
-                               nonce->x, (size_t) nonce->len,
-                               additional_data->x,
-                               (size_t) additional_data->len,
-                               input_data->x, (size_t) input_data->len,
-                               output_data,
-                               output_size, &output_length ) ==
-                               expected_result );
+                                   nonce->x, (size_t) nonce->len,
+                                   additional_data->x,
+                                   (size_t) additional_data->len,
+                                   input_data->x, (size_t) input_data->len,
+                                   output_data,
+                                   output_size, &output_length ) ==
+                 expected_result );
 
     if( PSA_SUCCESS == expected_result )
     {
@@ -830,18 +830,18 @@ void aead_encrypt_decrypt( int key_type_arg, data_t * key_data,
         TEST_ASSERT( output_data2 != NULL );
 
         TEST_ASSERT( psa_aead_decrypt( slot, alg,
-                                nonce->x, (size_t) nonce->len,
-                                additional_data->x,
-                                (size_t) additional_data->len,
-                                output_data, output_length, output_data2,
-                                output_length, &output_length2 ) ==
-                                expected_result );
-        
+                                       nonce->x, (size_t) nonce->len,
+                                       additional_data->x,
+                                       (size_t) additional_data->len,
+                                       output_data, output_length, output_data2,
+                                       output_length, &output_length2 ) ==
+                     expected_result );
+
 
         TEST_ASSERT( memcmp( input_data->x, output_data2,
-                                (size_t) input_data->len ) == 0 );
+                             (size_t) input_data->len ) == 0 );
     }
-    
+
 
 exit:
     psa_destroy_key( slot );
@@ -853,9 +853,9 @@ exit:
 
 /* BEGIN_CASE */
 void aead_encrypt( int key_type_arg, data_t * key_data,
-                int alg_arg, data_t * input_data,
-                data_t * additional_data, data_t * nonce,
-                data_t * expected_result )
+                   int alg_arg, data_t * input_data,
+                   data_t * additional_data, data_t * nonce,
+                   data_t * expected_result )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -880,7 +880,7 @@ void aead_encrypt( int key_type_arg, data_t * key_data,
     output_size = (size_t) input_data->len + tag_length;
     output_data = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output_data != NULL );
-    
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
@@ -891,20 +891,20 @@ void aead_encrypt( int key_type_arg, data_t * key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
     TEST_ASSERT( psa_aead_encrypt( slot, alg,
-                               nonce->x, (size_t) nonce->len,
-                               additional_data->x,
-                               (size_t) additional_data->len,
-                               input_data->x, (size_t) input_data->len,
-                               output_data,
-                               output_size, &output_length ) == PSA_SUCCESS );
+                                   nonce->x, (size_t) nonce->len,
+                                   additional_data->x,
+                                   (size_t) additional_data->len,
+                                   input_data->x, (size_t) input_data->len,
+                                   output_data,
+                                   output_size, &output_length ) == PSA_SUCCESS );
 
 
     TEST_ASSERT( memcmp( output_data, expected_result->x,
-                                output_length ) == 0 );
-    
+                         output_length ) == 0 );
+
 
 exit:
     psa_destroy_key( slot );
@@ -915,9 +915,9 @@ exit:
 
 /* BEGIN_CASE */
 void aead_decrypt( int key_type_arg, data_t * key_data,
-                int alg_arg, data_t * input_data,
-                data_t * additional_data, data_t * nonce,
-                data_t * expected_data, int expected_result_arg )
+                   int alg_arg, data_t * input_data,
+                   data_t * additional_data, data_t * nonce,
+                   data_t * expected_data, int expected_result_arg )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -944,7 +944,7 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
     output_size = (size_t) input_data->len + tag_length;
     output_data = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output_data != NULL );
-    
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
@@ -955,24 +955,24 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
     TEST_ASSERT( psa_aead_decrypt( slot, alg,
-                               nonce->x, (size_t) nonce->len,
-                               additional_data->x, (size_t) additional_data->len,
-                               input_data->x, (size_t) input_data->len,
-                               output_data,
-                               output_size, &output_length ) ==
-                               expected_result );
+                                   nonce->x, (size_t) nonce->len,
+                                   additional_data->x, (size_t) additional_data->len,
+                                   input_data->x, (size_t) input_data->len,
+                                   output_data,
+                                   output_size, &output_length ) ==
+                 expected_result );
 
 
-    if ( expected_result == PSA_SUCCESS )
+    if( expected_result == PSA_SUCCESS )
     {
         TEST_ASSERT( memcmp( output_data, expected_data->x,
-                                    output_length ) == 0 );
+                             output_length ) == 0 );
     }
 
-    
+
 
 exit:
     psa_destroy_key( slot );
@@ -986,7 +986,7 @@ void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg
 {
     psa_key_type_t type = type_arg;
     psa_algorithm_t alg = alg_arg;
-    size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg);
+    size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( type, bits, alg );
     TEST_ASSERT( actual_size == (size_t) expected_size_arg );
 exit:
     ;
@@ -1039,8 +1039,8 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
                                       signature, signature_size,
                                       &signature_length ) == PSA_SUCCESS );
     TEST_ASSERT( signature_length == (size_t) output_data->len );
-    TEST_ASSERT( memcmp( signature, output_data->x, (size_t) output_data->len )
-                        == 0 );
+    TEST_ASSERT( memcmp( signature, output_data->x,
+                         (size_t) output_data->len ) == 0 );
 
 exit:
     psa_destroy_key( slot );
@@ -1081,7 +1081,7 @@ void sign_fail( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
     actual_status = psa_asymmetric_sign( slot, alg,
                                          input_data->x,
@@ -1112,14 +1112,14 @@ void key_policy( int usage_arg, int alg_arg )
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    psa_key_policy_init(& policy_set );
-    psa_key_policy_init(& policy_get );
+    psa_key_policy_init( &policy_set );
+    psa_key_policy_init( &policy_get );
 
     psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg );
 
-    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == ( psa_key_usage_t )usage_arg );
+    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == (psa_key_usage_t) usage_arg );
 
-    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set) == ( psa_algorithm_t )alg_arg );
+    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == (psa_algorithm_t) alg_arg );
 
     TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
 
@@ -1159,11 +1159,13 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
         TEST_ASSERT( keypair != NULL );
         TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
         TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
-                                keypair->x, (size_t) keypair->len ) ==
-                                PSA_SUCCESS );
-        actual_status = psa_asymmetric_sign( key_slot, 
-                        ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, 
-                        NULL, 0, &signature_length );
+                                     keypair->x, (size_t) keypair->len ) ==
+                     PSA_SUCCESS );
+        actual_status = psa_asymmetric_sign( key_slot,
+                                             (psa_algorithm_t) alg_arg,
+                                             NULL, 0,
+                                             NULL, 0,
+                                             NULL, 0, &signature_length );
     }
 
     if( usage_arg & PSA_KEY_USAGE_SIGN )
@@ -1171,8 +1173,8 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
         TEST_ASSERT( keypair != NULL );
         TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
         TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
-                                keypair->x, (size_t) keypair->len ) ==
-                                PSA_SUCCESS );
+                                     keypair->x, (size_t) keypair->len ) ==
+                     PSA_SUCCESS );
         actual_status = psa_export_key( key_slot, NULL, 0, NULL );
     }
 
@@ -1198,13 +1200,13 @@ void key_lifetime( int lifetime_arg )
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_set_key_lifetime( key_slot,
-                                 lifetime_set ) == PSA_SUCCESS );
+                                       lifetime_set ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key, sizeof( key ) ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_get_key_lifetime( key_slot,
-                                 &lifetime_get ) == PSA_SUCCESS );
+                                       &lifetime_get ) == PSA_SUCCESS );
 
     TEST_ASSERT( lifetime_get == lifetime_set );
 
@@ -1265,14 +1267,14 @@ void asymmetric_verify( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
     TEST_ASSERT( psa_asymmetric_verify( slot, alg,
                                         hash_data->x, (size_t) hash_data->len,
                                         NULL, 0,
                                         signature_data->x,
                                         (size_t) signature_data->len ) ==
-                                        PSA_SUCCESS );
+                 PSA_SUCCESS );
 exit:
     psa_destroy_key( slot );
     mbedtls_psa_crypto_free( );
@@ -1310,13 +1312,13 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
     actual_status = psa_asymmetric_verify( slot, alg,
-                                        hash_data->x, (size_t) hash_data->len,
-                                        NULL, 0,
-                                        signature_data->x,
-                                        (size_t) signature_data->len );
+                                           hash_data->x, (size_t) hash_data->len,
+                                           NULL, 0,
+                                           signature_data->x,
+                                           (size_t) signature_data->len );
 
 
     TEST_ASSERT( actual_status == expected_status );
@@ -1363,28 +1365,28 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
     /* We test encryption by checking that encrypt-then-decrypt gives back
      * the original plaintext because of the non-optional random
      * part of encryption process which prevents using fixed vectors. */
-    TEST_ASSERT( psa_asymmetric_encrypt(slot, alg,
-                                    input_data->x,
-                                    (size_t) input_data->len,
-                                    NULL, 0,
-                                    output,
-                                    output_size,
-                                    &output_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_asymmetric_encrypt( slot, alg,
+                                         input_data->x,
+                                         (size_t) input_data->len,
+                                         NULL, 0,
+                                         output,
+                                         output_size,
+                                         &output_length ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_asymmetric_decrypt(slot, alg,
-                                    output,
-                                    output_length,
-                                    NULL, 0,
-                                    output2,
-                                    output2_size,
-                                    &output2_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
+                                         output,
+                                         output_length,
+                                         NULL, 0,
+                                         output2,
+                                         output2_size,
+                                         &output2_length ) == PSA_SUCCESS );
     TEST_ASSERT( memcmp( input_data->x, output2, (size_t) input_data->len )
-                         == 0 );
+                 == 0 );
 
 exit:
     psa_destroy_key( slot );
@@ -1398,8 +1400,8 @@ exit:
 
 /* BEGIN_CASE */
 void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data,
-                            int alg_arg, data_t *input_data,
-                            int expected_status_arg )
+                              int alg_arg, data_t *input_data,
+                              int expected_status_arg )
 {
 
 
@@ -1430,15 +1432,15 @@ void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
-    actual_status = psa_asymmetric_encrypt(slot, alg,
-                                    input_data->x,
-                                    (size_t) input_data->len,
-                                    NULL, 0,
-                                    output,
-                                    output_size,
-                                    &output_length);
+    actual_status = psa_asymmetric_encrypt( slot, alg,
+                                            input_data->x,
+                                            (size_t) input_data->len,
+                                            NULL, 0,
+                                            output,
+                                            output_size,
+                                            &output_length );
     TEST_ASSERT( actual_status == expected_status );
 
 exit:
@@ -1481,17 +1483,17 @@ void asymmetric_decrypt( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
     TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
-                                    input_data->x,
-                                    (size_t) input_data->len,
-                                    NULL, 0,
-                                    output,
-                                    output_size,
-                                    &output_length) == PSA_SUCCESS );
-    TEST_ASSERT( ((size_t)expected_size) == output_length );
-    TEST_ASSERT( memcmp( expected_data->x, output, (output_length) ) == 0 );
+                                         input_data->x,
+                                         (size_t) input_data->len,
+                                         NULL, 0,
+                                         output,
+                                         output_size,
+                                         &output_length ) == PSA_SUCCESS );
+    TEST_ASSERT( ( (size_t) expected_size ) == output_length );
+    TEST_ASSERT( memcmp( expected_data->x, output, ( output_length ) ) == 0 );
 
 exit:
     psa_destroy_key( slot );
@@ -1505,8 +1507,8 @@ exit:
 
 /* BEGIN_CASE */
 void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data,
-                            int alg_arg, data_t *input_data,
-                            int expected_status_arg  )
+                              int alg_arg, data_t *input_data,
+                              int expected_status_arg  )
 {
 
     int slot = 1;
@@ -1536,20 +1538,20 @@ void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
-    actual_status = psa_asymmetric_decrypt(slot, alg,
-                                    input_data->x,
-                                    (size_t) input_data->len,
-                                    NULL, 0,
-                                    output,
-                                    output_size,
-                                    &output_length);
+    actual_status = psa_asymmetric_decrypt( slot, alg,
+                                            input_data->x,
+                                            (size_t) input_data->len,
+                                            NULL, 0,
+                                            output,
+                                            output_size,
+                                            &output_length );
     TEST_ASSERT( actual_status == expected_status );
 
 exit:
     psa_destroy_key( slot );
-    mbedtls_free( output);
+    mbedtls_free( output );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */

From c1bb6c8dcca3686698104374f45c6dec5a5b67d6 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 16:04:39 +0200
Subject: [PATCH 03/20] Formatting improvements

Avoid lines longer than 80 columns.

Remove some redundant parentheses, e.g. change
    if( ( a == b ) && ( c == d ) )
to
    if( a == b && c == d )
which makes lines less long and makes the remaining parentheses more
relevant.

Add missing parentheses around return statements.

There should be no semantic change in this commit.
---
 library/psa_crypto.c                        | 71 +++++++++---------
 tests/suites/test_suite_psa_crypto.function | 81 ++++++++++++++-------
 2 files changed, 92 insertions(+), 60 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 954895910..ff03abd16 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -490,11 +490,12 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
 
-    if( export_public_key && ( !( PSA_KEY_TYPE_IS_ASYMMETRIC( slot->type ) ) ) )
+    if( export_public_key && ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->type ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    if( ( !export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) ) &&
-        ( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) ) )
+    if( ! export_public_key &&
+        ! PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) &&
+        ( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) == 0 )
         return( PSA_ERROR_NOT_PERMITTED );
 
     if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
@@ -551,8 +552,8 @@ psa_status_t psa_export_key( psa_key_slot_t key,
                              size_t data_size,
                              size_t *data_length )
 {
-    return psa_internal_export_key( key, data, data_size,
-                                    data_length, 0 );
+    return( psa_internal_export_key( key, data, data_size,
+                                     data_length, 0 ) );
 }
 
 
@@ -561,8 +562,8 @@ psa_status_t psa_export_public_key( psa_key_slot_t key,
                                     size_t data_size,
                                     size_t *data_length )
 {
-    return psa_internal_export_key( key, data, data_size,
-                                    data_length, 1 );
+    return( psa_internal_export_key( key, data, data_size,
+                                     data_length, 1 ) );
 }
 
 /****************************************************************/
@@ -1030,7 +1031,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
             if( PSA_ALG_IS_HMAC( operation->alg ) )
             {
                 unsigned int block_size =
-                    psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
+                    psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) );
 
                 if( block_size == 0 )
                     return( PSA_ERROR_NOT_SUPPORTED );
@@ -1082,13 +1083,13 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
     unsigned char *opad = operation->ctx.hmac.opad;
     size_t i;
     size_t block_size =
-        psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( alg ) ) );
+        psa_get_hash_block_size( PSA_ALG_HMAC_HASH( alg ) );
     unsigned int digest_size =
-        PSA_HASH_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
+        PSA_HASH_SIZE( PSA_ALG_HMAC_HASH( alg ) );
     size_t key_length = slot->data.raw.bytes;
     psa_status_t status;
 
-    if( ( block_size == 0 ) || ( digest_size == 0 ) )
+    if( block_size == 0 || digest_size == 0 )
         return( PSA_ERROR_NOT_SUPPORTED );
 
     if( key_type != PSA_KEY_TYPE_HMAC )
@@ -1253,14 +1254,14 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
             }
             break;
     }
-    if( ( ret != 0 ) || ( status != PSA_SUCCESS ) )
+    if( ret != 0 || status != PSA_SUCCESS )
     {
         psa_mac_abort( operation );
         if( ret != 0 )
             status = mbedtls_to_psa_error( ret );
     }
 
-    return status;
+    return( status );
 }
 
 static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
@@ -1299,7 +1300,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                 unsigned char *opad = operation->ctx.hmac.opad;
                 size_t hash_size = 0;
                 size_t block_size =
-                    psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
+                    psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) );
 
                 if( block_size == 0 )
                     return( PSA_ERROR_NOT_SUPPORTED );
@@ -1339,7 +1340,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
     }
 cleanup:
 
-    if( ( ret == 0 ) && ( status == PSA_SUCCESS ) )
+    if( ret == 0 && status == PSA_SUCCESS )
     {
         return( psa_mac_abort( operation ) );
     }
@@ -1349,7 +1350,7 @@ cleanup:
         if( ret != 0 )
             status = mbedtls_to_psa_error( ret );
 
-        return status;
+        return( status );
     }
 }
 
@@ -1358,7 +1359,7 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
                              size_t mac_size,
                              size_t *mac_length )
 {
-    if( !( operation->key_usage_sign ) )
+    if( ! operation->key_usage_sign )
         return( PSA_ERROR_NOT_PERMITTED );
 
     return( psa_mac_finish_internal( operation, mac,
@@ -1377,7 +1378,7 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
     size_t actual_mac_length;
     psa_status_t status;
 
-    if( !( operation->key_usage_verify ) )
+    if( ! operation->key_usage_verify )
         return( PSA_ERROR_NOT_PERMITTED );
 
     status = psa_mac_finish_internal( operation,
@@ -1546,8 +1547,8 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
         return( PSA_ERROR_NOT_PERMITTED );
 
 #if defined(MBEDTLS_RSA_C)
-    if( ( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) ||
-        ( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) )
+    if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
+        slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY )
     {
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
@@ -1639,8 +1640,8 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
         return( PSA_ERROR_NOT_PERMITTED );
 
 #if defined(MBEDTLS_RSA_C)
-    if( ( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) ||
-        ( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) )
+    if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
+        slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY )
     {
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
@@ -1830,7 +1831,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
     operation->block_size = ( PSA_ALG_IS_BLOCK_CIPHER( alg ) ?
                               PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) :
                               1 );
-    if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || ( alg == PSA_ALG_CTR ) )
+    if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || alg == PSA_ALG_CTR )
     {
         operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     }
@@ -1842,14 +1843,14 @@ psa_status_t psa_encrypt_setup( psa_cipher_operation_t *operation,
                                 psa_key_slot_t key,
                                 psa_algorithm_t alg )
 {
-    return psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT );
+    return( psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ) );
 }
 
 psa_status_t psa_decrypt_setup( psa_cipher_operation_t *operation,
                                 psa_key_slot_t key,
                                 psa_algorithm_t alg )
 {
-    return psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT );
+    return( psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ) );
 }
 
 psa_status_t psa_encrypt_generate_iv( psa_cipher_operation_t *operation,
@@ -1858,7 +1859,7 @@ psa_status_t psa_encrypt_generate_iv( psa_cipher_operation_t *operation,
                                       size_t *iv_length )
 {
     int ret = PSA_SUCCESS;
-    if( operation->iv_set || !( operation->iv_required ) )
+    if( operation->iv_set || ! operation->iv_required )
         return( PSA_ERROR_BAD_STATE );
     if( iv_size < operation->iv_size )
     {
@@ -1887,7 +1888,7 @@ psa_status_t psa_encrypt_set_iv( psa_cipher_operation_t *operation,
                                  size_t iv_length )
 {
     int ret = PSA_SUCCESS;
-    if( operation->iv_set || !( operation->iv_required ) )
+    if( operation->iv_set || ! operation->iv_required )
         return( PSA_ERROR_BAD_STATE );
     if( iv_length != operation->iv_size )
     {
@@ -2053,9 +2054,11 @@ psa_status_t psa_set_key_policy( psa_key_slot_t key,
     if( slot->type != PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_OCCUPIED_SLOT );
 
-    if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT
-                             | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN
-                             | PSA_KEY_USAGE_VERIFY ) ) != 0 )
+    if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT |
+                             PSA_KEY_USAGE_ENCRYPT |
+                             PSA_KEY_USAGE_DECRYPT |
+                             PSA_KEY_USAGE_SIGN |
+                             PSA_KEY_USAGE_VERIFY ) ) != 0 )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot->policy = *policy;
@@ -2164,7 +2167,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     if( cipher_info == NULL )
         return( PSA_ERROR_NOT_SUPPORTED );
 
-    if( !( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) )
+    if( ( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) == 0 )
         return( PSA_ERROR_NOT_PERMITTED );
 
     if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
@@ -2231,7 +2234,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
             return( mbedtls_to_psa_error( ret ) );
         }
         ret = mbedtls_ccm_encrypt_and_tag( &ccm, plaintext_length,
-                                           nonce, nonce_length, additional_data,
+                                           nonce, nonce_length,
+                                           additional_data,
                                            additional_data_length,
                                            plaintext, ciphertext,
                                            tag, tag_length );
@@ -2369,7 +2373,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         }
         ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length - tag_length,
                                         nonce, nonce_length,
-                                        additional_data, additional_data_length,
+                                        additional_data,
+                                        additional_data_length,
                                         ciphertext, plaintext,
                                         tag, tag_length );
         mbedtls_ccm_free( &ccm );
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 5a68074e4..5e66986ae 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -186,7 +186,8 @@ void import_export_public_key( data_t *data,
 
     /* Test the key information */
     TEST_ASSERT( psa_get_key_information( slot,
-                                          &got_type, &got_bits ) == PSA_SUCCESS );
+                                          &got_type,
+                                          &got_bits ) == PSA_SUCCESS );
     TEST_ASSERT( got_type == type );
     TEST_ASSERT( got_bits == (size_t) expected_bits );
 
@@ -348,7 +349,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, (size_t) key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_setup( &operation,
+                                    key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
@@ -413,7 +415,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, (size_t) key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_setup( &operation,
+                                    key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
@@ -482,7 +485,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, (size_t) key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_decrypt_setup( &operation,
+                                    key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
@@ -552,7 +556,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, (size_t) key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_decrypt_setup( &operation,
+                                    key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
@@ -620,8 +625,10 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, (size_t) key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_setup( &operation1,
+                                    key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_decrypt_setup( &operation2,
+                                    key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
                                           iv, iv_size,
@@ -704,8 +711,10 @@ void cipher_verify_output_multipart( int alg_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, (size_t) key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_setup( &operation1,
+                                    key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_decrypt_setup( &operation2,
+                                    key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
                                           iv, iv_size,
@@ -775,9 +784,13 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void aead_encrypt_decrypt( int key_type_arg, data_t * key_data,
-                           int alg_arg, data_t * input_data, data_t * nonce,
-                           data_t * additional_data, int expected_result_arg )
+void aead_encrypt_decrypt( int key_type_arg,
+                           data_t * key_data,
+                           int alg_arg,
+                           data_t * input_data,
+                           data_t * nonce,
+                           data_t * additional_data,
+                           int expected_result_arg )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -808,7 +821,9 @@ void aead_encrypt_decrypt( int key_type_arg, data_t * key_data,
 
     psa_key_policy_init( &policy );
 
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT , alg );
+    psa_key_policy_set_usage( &policy,
+                              PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
+                              alg );
 
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
@@ -833,8 +848,9 @@ void aead_encrypt_decrypt( int key_type_arg, data_t * key_data,
                                        nonce->x, (size_t) nonce->len,
                                        additional_data->x,
                                        (size_t) additional_data->len,
-                                       output_data, output_length, output_data2,
-                                       output_length, &output_length2 ) ==
+                                       output_data, output_length,
+                                       output_data2, output_length,
+                                       &output_length2 ) ==
                      expected_result );
 
 
@@ -898,8 +914,8 @@ void aead_encrypt( int key_type_arg, data_t * key_data,
                                    additional_data->x,
                                    (size_t) additional_data->len,
                                    input_data->x, (size_t) input_data->len,
-                                   output_data,
-                                   output_size, &output_length ) == PSA_SUCCESS );
+                                   output_data, output_size,
+                                   &output_length ) == PSA_SUCCESS );
 
 
     TEST_ASSERT( memcmp( output_data, expected_result->x,
@@ -959,7 +975,8 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
 
     TEST_ASSERT( psa_aead_decrypt( slot, alg,
                                    nonce->x, (size_t) nonce->len,
-                                   additional_data->x, (size_t) additional_data->len,
+                                   additional_data->x,
+                                   (size_t) additional_data->len,
                                    input_data->x, (size_t) input_data->len,
                                    output_data,
                                    output_size, &output_length ) ==
@@ -982,7 +999,10 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg )
+void signature_size( int type_arg,
+                     int bits,
+                     int alg_arg,
+                     int expected_size_arg )
 {
     psa_key_type_t type = type_arg;
     psa_algorithm_t alg = alg_arg;
@@ -1028,7 +1048,8 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
                                           NULL,
                                           &key_bits ) == PSA_SUCCESS );
 
-    signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg );
+    signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type,
+                                                      key_bits, alg );
     TEST_ASSERT( signature_size != 0 );
     signature = mbedtls_calloc( 1, signature_size );
     TEST_ASSERT( signature != NULL );
@@ -1117,9 +1138,11 @@ void key_policy( int usage_arg, int alg_arg )
 
     psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg );
 
-    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == (psa_key_usage_t) usage_arg );
+    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) ==
+                 (psa_key_usage_t) usage_arg );
 
-    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == (psa_algorithm_t) alg_arg );
+    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) ==
+                 (psa_algorithm_t) alg_arg );
 
     TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
 
@@ -1218,7 +1241,9 @@ exit:
 
 
 /* BEGIN_CASE */
-void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg )
+void key_lifetime_set_fail( int key_slot_arg,
+                            int lifetime_arg,
+                            int expected_status_arg )
 {
     int key_slot = 1;
     psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
@@ -1360,7 +1385,9 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg_arg );
+    psa_key_policy_set_usage( &policy,
+                              PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
+                              alg_arg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
@@ -1385,8 +1412,8 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
                                          output2,
                                          output2_size,
                                          &output2_length ) == PSA_SUCCESS );
-    TEST_ASSERT( memcmp( input_data->x, output2, (size_t) input_data->len )
-                 == 0 );
+    TEST_ASSERT( memcmp( input_data->x, output2,
+                         (size_t) input_data->len ) == 0 );
 
 exit:
     psa_destroy_key( slot );
@@ -1493,7 +1520,7 @@ void asymmetric_decrypt( int key_type_arg, data_t *key_data,
                                          output_size,
                                          &output_length ) == PSA_SUCCESS );
     TEST_ASSERT( ( (size_t) expected_size ) == output_length );
-    TEST_ASSERT( memcmp( expected_data->x, output, ( output_length ) ) == 0 );
+    TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 );
 
 exit:
     psa_destroy_key( slot );

From 803ce7402ac3776e1667d735e971c456f8137fea Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 16:07:14 +0200
Subject: [PATCH 04/20] Change sizeof(type) to sizeof(variable)

---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ff03abd16..190341fbd 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2021,7 +2021,7 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
 
 void psa_key_policy_init( psa_key_policy_t *policy )
 {
-    memset( policy, 0, sizeof( psa_key_policy_t ) );
+    memset( policy, 0, sizeof( *policy ) );
 }
 
 void psa_key_policy_set_usage( psa_key_policy_t *policy,

From 7bcfc0a9aeced4d4f011ba7865682d961e932c71 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 21:49:39 +0200
Subject: [PATCH 05/20] Be more consistent about blank lines

---
 library/psa_crypto.c                        | 17 ++++++++------
 tests/suites/test_suite_psa_crypto.function | 26 ---------------------
 2 files changed, 10 insertions(+), 33 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 190341fbd..e5ac7bd81 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -305,6 +305,8 @@ static psa_status_t mbedtls_to_psa_error( int ret )
     }
 }
 
+
+
 /****************************************************************/
 /* Key management */
 /****************************************************************/
@@ -556,7 +558,6 @@ psa_status_t psa_export_key( psa_key_slot_t key,
                                      data_length, 0 ) );
 }
 
-
 psa_status_t psa_export_public_key( psa_key_slot_t key,
                                     uint8_t *data,
                                     size_t data_size,
@@ -566,6 +567,8 @@ psa_status_t psa_export_public_key( psa_key_slot_t key,
                                      data_length, 1 ) );
 }
 
+
+
 /****************************************************************/
 /* Message digests */
 /****************************************************************/
@@ -909,7 +912,6 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation,
 
 
 
-
 /****************************************************************/
 /* MAC */
 /****************************************************************/
@@ -1395,7 +1397,6 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
 
 
 
-
 /****************************************************************/
 /* Asymmetric cryptography */
 /****************************************************************/
@@ -1679,7 +1680,6 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }
-
 }
 
 psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
@@ -1748,9 +1748,10 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }
-
 }
 
+
+
 /****************************************************************/
 /* Symmetric cryptography */
 /****************************************************************/
@@ -2015,6 +2016,7 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
 }
 
 
+
 /****************************************************************/
 /* Key Policy */
 /****************************************************************/
@@ -2128,9 +2130,11 @@ psa_status_t psa_set_key_lifetime( psa_key_slot_t key,
 }
 
 
+
 /****************************************************************/
 /* AEAD */
 /****************************************************************/
+
 psa_status_t psa_aead_encrypt( psa_key_slot_t key,
                                psa_algorithm_t alg,
                                const uint8_t *nonce,
@@ -2223,8 +2227,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         //update the tag pointer to point to the end of the ciphertext_length
         tag = ciphertext + plaintext_length;
 
-
-
         mbedtls_ccm_init( &ccm );
         ret = mbedtls_ccm_setkey( &ccm, cipher_id,
                                   slot->data.raw.data, key_bits );
@@ -2393,6 +2395,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 }
 
 
+
 /****************************************************************/
 /* Module setup */
 /****************************************************************/
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 5e66986ae..3de4745bf 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -145,7 +145,6 @@ exit:
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void import_export_public_key( data_t *data,
                                int type_arg,
@@ -317,7 +316,6 @@ exit:
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void cipher_encrypt( int alg_arg, int key_type_arg,
                      data_t *key,
@@ -524,7 +522,6 @@ exit:
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void cipher_decrypt( int alg_arg, int key_type_arg,
                      data_t *key,
@@ -585,7 +582,6 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
                              (size_t) expected_output->len ) == 0 );
     }
 
-
 exit:
     mbedtls_free( output );
     psa_destroy_key( key_slot );
@@ -593,7 +589,6 @@ exit:
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void cipher_verify_output( int alg_arg, int key_type_arg,
                            data_t *key,
@@ -853,12 +848,10 @@ void aead_encrypt_decrypt( int key_type_arg,
                                        &output_length2 ) ==
                      expected_result );
 
-
         TEST_ASSERT( memcmp( input_data->x, output_data2,
                              (size_t) input_data->len ) == 0 );
     }
 
-
 exit:
     psa_destroy_key( slot );
     mbedtls_free( output_data );
@@ -917,11 +910,9 @@ void aead_encrypt( int key_type_arg, data_t * key_data,
                                    output_data, output_size,
                                    &output_length ) == PSA_SUCCESS );
 
-
     TEST_ASSERT( memcmp( output_data, expected_result->x,
                          output_length ) == 0 );
 
-
 exit:
     psa_destroy_key( slot );
     mbedtls_free( output_data );
@@ -945,7 +936,6 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
     psa_key_policy_t policy = {0};
     psa_status_t expected_result = (psa_status_t) expected_result_arg;
 
-
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
     TEST_ASSERT( additional_data != NULL );
@@ -982,15 +972,12 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
                                    output_size, &output_length ) ==
                  expected_result );
 
-
     if( expected_result == PSA_SUCCESS )
     {
         TEST_ASSERT( memcmp( output_data, expected_data->x,
                              output_length ) == 0 );
     }
 
-
-
 exit:
     psa_destroy_key( slot );
     mbedtls_free( output_data );
@@ -1239,7 +1226,6 @@ exit:
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void key_lifetime_set_fail( int key_slot_arg,
                             int lifetime_arg,
@@ -1312,7 +1298,6 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
                              data_t *signature_data,
                              int expected_status_arg )
 {
-
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
@@ -1345,7 +1330,6 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
                                            signature_data->x,
                                            (size_t) signature_data->len );
 
-
     TEST_ASSERT( actual_status == expected_status );
 
 exit:
@@ -1354,7 +1338,6 @@ exit:
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
                                  int alg_arg, data_t *input_data )
@@ -1420,18 +1403,14 @@ exit:
     mbedtls_free( output );
     mbedtls_free( output2 );
     mbedtls_psa_crypto_free( );
-
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data,
                               int alg_arg, data_t *input_data,
                               int expected_status_arg )
 {
-
-
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
@@ -1474,7 +1453,6 @@ exit:
     psa_destroy_key( slot );
     mbedtls_free( output );
     mbedtls_psa_crypto_free( );
-
 }
 /* END_CASE */
 
@@ -1526,18 +1504,14 @@ exit:
     psa_destroy_key( slot );
     mbedtls_free( output );
     mbedtls_psa_crypto_free( );
-
-
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data,
                               int alg_arg, data_t *input_data,
                               int expected_status_arg  )
 {
-
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;

From 4abf741e6a4d5705de1f75b47a9f795efd5861f0 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 16:35:34 +0200
Subject: [PATCH 06/20] Hygiene improvements in PSA crypto test code

Get rid of many redundant casts. In particular, it is not useful to
cast uint32_t values to size_t before performing arithmetic or
comparisons on them.

Rewrap a number of function calls, many of which now have narrower
arguments thanks to the removed casts. When a function call doesn't
fit on a single line, avoid grouping unrelated parameters together,
but do try to group a buffer pointer and the associated size.

Define more auxiliary variables xxx of a particular integer
type (psa_algorithm_t, psa_key_usage_t, etc.) corresponding to a test
function xxx_arg which has the type int. This avoids the need to cast
xxx_arg to an unsigned type sometimes in the code.
---
 tests/suites/test_suite_psa_crypto.function | 351 +++++++++-----------
 1 file changed, 158 insertions(+), 193 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 3de4745bf..3786e57a3 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -41,7 +41,7 @@ void import( data_t *data, int type, int expected_status )
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    status = psa_import_key( slot, type, data->x, (size_t) data->len );
+    status = psa_import_key( slot, type, data->x, data->len );
     TEST_ASSERT( status == (psa_status_t) expected_status );
     if( status == PSA_SUCCESS )
         TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
@@ -64,6 +64,7 @@ void import_export( data_t *data,
     int slot = 1;
     int slot2 = slot + 1;
     psa_key_type_t type = type_arg;
+    psa_algorithm_t alg = alg_arg;
     psa_status_t status;
     unsigned char *exported = NULL;
     unsigned char *reexported = NULL;
@@ -87,19 +88,17 @@ void import_export( data_t *data,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, usage_arg, alg_arg );
-
+    psa_key_policy_set_usage( &policy, usage_arg, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     /* Import the key */
     TEST_ASSERT( psa_import_key( slot, type,
-                                 data->x, (size_t) data->len ) == PSA_SUCCESS );
+                                 data->x, data->len ) == PSA_SUCCESS );
 
     /* Test the key information */
     TEST_ASSERT( psa_get_key_information( slot,
-                                          &got_type, &got_bits ) ==
-                 PSA_SUCCESS );
+                                          &got_type,
+                                          &got_bits ) == PSA_SUCCESS );
     TEST_ASSERT( got_type == type );
     TEST_ASSERT( got_bits == (size_t) expected_bits );
 
@@ -113,20 +112,20 @@ void import_export( data_t *data,
 
     if( canonical_input )
     {
-        TEST_ASSERT( exported_length == (size_t) data->len );
-        TEST_ASSERT( memcmp( exported, data->x, (size_t) data->len ) == 0 );
+        TEST_ASSERT( exported_length == data->len );
+        TEST_ASSERT( memcmp( exported, data->x, data->len ) == 0 );
     }
     else
     {
         TEST_ASSERT( psa_set_key_policy( slot2, &policy ) == PSA_SUCCESS );
 
         TEST_ASSERT( psa_import_key( slot2, type,
-                                     exported, export_size ) ==
-                     PSA_SUCCESS );
+                                     exported,
+                                     export_size ) == PSA_SUCCESS );
         TEST_ASSERT( psa_export_key( slot2,
-                                     reexported, export_size,
-                                     &reexported_length ) ==
-                     PSA_SUCCESS );
+                                     reexported,
+                                     export_size,
+                                     &reexported_length ) == PSA_SUCCESS );
         TEST_ASSERT( reexported_length == exported_length );
         TEST_ASSERT( memcmp( reexported, exported,
                              exported_length ) == 0 );
@@ -155,6 +154,7 @@ void import_export_public_key( data_t *data,
 {
     int slot = 1;
     psa_key_type_t type = type_arg;
+    psa_algorithm_t alg = alg_arg;
     psa_status_t status;
     unsigned char *exported = NULL;
     size_t export_size;
@@ -172,16 +172,12 @@ void import_export_public_key( data_t *data,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
-                              alg_arg );
-
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     /* Import the key */
     TEST_ASSERT( psa_import_key( slot, type,
-                                 data->x, (size_t) data->len ) ==
-                 PSA_SUCCESS );
+                                 data->x, data->len ) == PSA_SUCCESS );
 
     /* Test the key information */
     TEST_ASSERT( psa_get_key_information( slot,
@@ -229,14 +225,13 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
 
     TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_update( &operation,
-                                  input->x, (size_t) input->len ) ==
-                 PSA_SUCCESS );
+                                  input->x, input->len ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_finish( &operation,
                                   actual_hash, sizeof( actual_hash ),
                                   &actual_hash_length ) == PSA_SUCCESS );
-    TEST_ASSERT( actual_hash_length == (size_t) expected_hash->len );
+    TEST_ASSERT( actual_hash_length == expected_hash->len );
     TEST_ASSERT( memcmp( expected_hash->x, actual_hash,
-                         (size_t) expected_hash->len ) == 0 );
+                         expected_hash->len ) == 0 );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -258,12 +253,11 @@ void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
 
     TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_update( &operation,
-                                  input->x, (size_t) input->len ) ==
-                 PSA_SUCCESS );
+                                  input->x,
+                                  input->len ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_verify( &operation,
                                   expected_hash->x,
-                                  (size_t) expected_hash->len ) ==
-                 PSA_SUCCESS );
+                                  expected_hash->len ) == PSA_SUCCESS );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -293,22 +287,19 @@ void mac_verify( int key_type_arg, data_t *key,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg );
-
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
     TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
+                                 key->x, key->len ) == PSA_SUCCESS );
     // TODO: support IV
     TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
     TEST_ASSERT( psa_mac_update( &operation,
-                                 input->x, (size_t) input->len ) ==
-                 PSA_SUCCESS );
+                                 input->x, input->len ) == PSA_SUCCESS );
     TEST_ASSERT( psa_mac_verify( &operation,
                                  expected_mac->x,
-                                 (size_t) expected_mac->len ) == PSA_SUCCESS );
+                                 expected_mac->len ) == PSA_SUCCESS );
 
 exit:
     psa_destroy_key( key_slot );
@@ -345,18 +336,19 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
+                                 key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_setup( &operation,
                                     key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
-    output_buffer_size = (size_t) input->len + operation.block_size;
+    output_buffer_size = input->len + operation.block_size;
     output = mbedtls_calloc( 1, output_buffer_size );
     TEST_ASSERT( output != NULL );
 
-    TEST_ASSERT( psa_cipher_update( &operation, input->x, (size_t) input->len,
+    TEST_ASSERT( psa_cipher_update( &operation,
+                                    input->x, input->len,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
@@ -370,9 +362,9 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     if( expected_status == PSA_SUCCESS )
     {
         TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-        TEST_ASSERT( total_output_length == (size_t) expected_output->len );
+        TEST_ASSERT( total_output_length == expected_output->len );
         TEST_ASSERT( memcmp( expected_output->x, output,
-                             (size_t) expected_output->len ) == 0 );
+                             expected_output->len ) == 0 );
     }
 
 exit:
@@ -411,25 +403,25 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
+                                 key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_setup( &operation,
                                     key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
-    output_buffer_size = (size_t) input->len + operation.block_size;
+    output_buffer_size = input->len + operation.block_size;
     output = mbedtls_calloc( 1, output_buffer_size );
     TEST_ASSERT( output != NULL );
 
-    TEST_ASSERT( (unsigned int) first_part_size < (size_t) input->len );
+    TEST_ASSERT( (unsigned int) first_part_size < input->len );
     TEST_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_update( &operation,
                                     input->x + first_part_size,
-                                    (size_t) input->len - first_part_size,
+                                    input->len - first_part_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
@@ -440,9 +432,9 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
-    TEST_ASSERT( total_output_length == (size_t) expected_output->len );
+    TEST_ASSERT( total_output_length == expected_output->len );
     TEST_ASSERT( memcmp( expected_output->x, output,
-                         (size_t) expected_output->len ) == 0 );
+                         expected_output->len ) == 0 );
 
 exit:
     mbedtls_free( output );
@@ -481,7 +473,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
+                                 key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_decrypt_setup( &operation,
                                     key_slot, alg ) == PSA_SUCCESS );
@@ -489,18 +481,19 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
 
-    output_buffer_size = (size_t) input->len + operation.block_size;
+    output_buffer_size = input->len + operation.block_size;
     output = mbedtls_calloc( 1, output_buffer_size );
     TEST_ASSERT( output != NULL );
 
-    TEST_ASSERT( (unsigned int) first_part_size < (size_t) input->len );
-    TEST_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
+    TEST_ASSERT( (unsigned int) first_part_size < input->len );
+    TEST_ASSERT( psa_cipher_update( &operation,
+                                    input->x, first_part_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_update( &operation,
                                     input->x + first_part_size,
-                                    (size_t) input->len - first_part_size,
+                                    input->len - first_part_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
@@ -511,9 +504,9 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
-    TEST_ASSERT( total_output_length == (size_t) expected_output->len );
+    TEST_ASSERT( total_output_length == expected_output->len );
     TEST_ASSERT( memcmp( expected_output->x, output,
-                         (size_t) expected_output->len ) == 0 );
+                         expected_output->len ) == 0 );
 
 exit:
     mbedtls_free( output );
@@ -551,7 +544,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
+                                 key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_decrypt_setup( &operation,
                                     key_slot, alg ) == PSA_SUCCESS );
@@ -559,11 +552,12 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
 
-    output_buffer_size = (size_t) input->len + operation.block_size;
+    output_buffer_size = input->len + operation.block_size;
     output = mbedtls_calloc( 1, output_buffer_size );
     TEST_ASSERT( output != NULL );
 
-    TEST_ASSERT( psa_cipher_update( &operation, input->x, (size_t) input->len,
+    TEST_ASSERT( psa_cipher_update( &operation,
+                                    input->x, input->len,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
@@ -577,9 +571,9 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     if( expected_status == PSA_SUCCESS )
     {
         TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-        TEST_ASSERT( total_output_length == (size_t) expected_output->len );
+        TEST_ASSERT( total_output_length == expected_output->len );
         TEST_ASSERT( memcmp( expected_output->x, output,
-                             (size_t) expected_output->len ) == 0 );
+                             expected_output->len ) == 0 );
     }
 
 exit:
@@ -618,7 +612,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
+                                 key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_setup( &operation1,
                                     key_slot, alg ) == PSA_SUCCESS );
@@ -628,11 +622,11 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
                                           iv, iv_size,
                                           &iv_length ) == PSA_SUCCESS );
-    output1_size = (size_t) input->len + operation1.block_size;
+    output1_size = input->len + operation1.block_size;
     output1 = mbedtls_calloc( 1, output1_size );
     TEST_ASSERT( output1 != NULL );
 
-    TEST_ASSERT( psa_cipher_update( &operation1, input->x, (size_t) input->len,
+    TEST_ASSERT( psa_cipher_update( &operation1, input->x, input->len,
                                     output1, output1_size,
                                     &output1_length ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_finish( &operation1,
@@ -662,8 +656,8 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
-    TEST_ASSERT( (size_t) input->len == output2_length );
-    TEST_ASSERT( memcmp( input->x, output2, (size_t) input->len ) == 0 );
+    TEST_ASSERT( input->len == output2_length );
+    TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 );
 
 exit:
     mbedtls_free( output1 );
@@ -704,7 +698,7 @@ void cipher_verify_output_multipart( int alg_arg,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
+                                 key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_setup( &operation1,
                                     key_slot, alg ) == PSA_SUCCESS );
@@ -714,11 +708,11 @@ void cipher_verify_output_multipart( int alg_arg,
     TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
                                           iv, iv_size,
                                           &iv_length ) == PSA_SUCCESS );
-    output1_buffer_size = (size_t) input->len + operation1.block_size;
+    output1_buffer_size = input->len + operation1.block_size;
     output1 = mbedtls_calloc( 1, output1_buffer_size );
     TEST_ASSERT( output1 != NULL );
 
-    TEST_ASSERT( (unsigned int) first_part_size < (size_t) input->len );
+    TEST_ASSERT( (unsigned int) first_part_size < input->len );
 
     TEST_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size,
                                     output1, output1_buffer_size,
@@ -727,7 +721,7 @@ void cipher_verify_output_multipart( int alg_arg,
 
     TEST_ASSERT( psa_cipher_update( &operation1,
                                     input->x + first_part_size,
-                                    (size_t) input->len - first_part_size,
+                                    input->len - first_part_size,
                                     output1, output1_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     output1_length += function_output_length;
@@ -767,8 +761,8 @@ void cipher_verify_output_multipart( int alg_arg,
 
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
-    TEST_ASSERT( (size_t) input->len == output2_length );
-    TEST_ASSERT( memcmp( input->x, output2, (size_t) input->len ) == 0 );
+    TEST_ASSERT( input->len == output2_length );
+    TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 );
 
 exit:
     mbedtls_free( output1 );
@@ -796,7 +790,7 @@ void aead_encrypt_decrypt( int key_type_arg,
     unsigned char *output_data2 = NULL;
     size_t output_length2 = 0;
     size_t tag_length = 16;
-    psa_status_t expected_result = (psa_status_t) expected_result_arg;
+    psa_status_t expected_result = expected_result_arg;
     psa_key_policy_t policy = {0};
 
     TEST_ASSERT( key_data != NULL );
@@ -808,31 +802,28 @@ void aead_encrypt_decrypt( int key_type_arg,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) );
 
-    output_size = (size_t) input_data->len + tag_length;
+    output_size = input_data->len + tag_length;
     output_data = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output_data != NULL );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
     psa_key_policy_set_usage( &policy,
                               PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
                               alg );
-
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) == PSA_SUCCESS );
+                                 key_data->x, key_data->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_aead_encrypt( slot, alg,
-                                   nonce->x, (size_t) nonce->len,
+                                   nonce->x, nonce->len,
                                    additional_data->x,
-                                   (size_t) additional_data->len,
-                                   input_data->x, (size_t) input_data->len,
-                                   output_data,
-                                   output_size, &output_length ) ==
-                 expected_result );
+                                   additional_data->len,
+                                   input_data->x, input_data->len,
+                                   output_data, output_size,
+                                   &output_length ) == expected_result );
 
     if( PSA_SUCCESS == expected_result )
     {
@@ -840,16 +831,15 @@ void aead_encrypt_decrypt( int key_type_arg,
         TEST_ASSERT( output_data2 != NULL );
 
         TEST_ASSERT( psa_aead_decrypt( slot, alg,
-                                       nonce->x, (size_t) nonce->len,
+                                       nonce->x, nonce->len,
                                        additional_data->x,
-                                       (size_t) additional_data->len,
+                                       additional_data->len,
                                        output_data, output_length,
                                        output_data2, output_length,
-                                       &output_length2 ) ==
-                     expected_result );
+                                       &output_length2 ) == expected_result );
 
         TEST_ASSERT( memcmp( input_data->x, output_data2,
-                             (size_t) input_data->len ) == 0 );
+                             input_data->len ) == 0 );
     }
 
 exit:
@@ -886,27 +876,24 @@ void aead_encrypt( int key_type_arg, data_t * key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_result->len ) );
 
-    output_size = (size_t) input_data->len + tag_length;
+    output_size = input_data->len + tag_length;
     output_data = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output_data != NULL );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg );
-
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_aead_encrypt( slot, alg,
-                                   nonce->x, (size_t) nonce->len,
-                                   additional_data->x,
-                                   (size_t) additional_data->len,
-                                   input_data->x, (size_t) input_data->len,
+                                   nonce->x, nonce->len,
+                                   additional_data->x, additional_data->len,
+                                   input_data->x, input_data->len,
                                    output_data, output_size,
                                    &output_length ) == PSA_SUCCESS );
 
@@ -934,7 +921,7 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
     size_t output_length = 0;
     size_t tag_length = 16;
     psa_key_policy_t policy = {0};
-    psa_status_t expected_result = (psa_status_t) expected_result_arg;
+    psa_status_t expected_result = expected_result_arg;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
@@ -947,30 +934,27 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) );
 
-    output_size = (size_t) input_data->len + tag_length;
+    output_size = input_data->len + tag_length;
     output_data = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output_data != NULL );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg );
-
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_aead_decrypt( slot, alg,
-                                   nonce->x, (size_t) nonce->len,
+                                   nonce->x, nonce->len,
                                    additional_data->x,
-                                   (size_t) additional_data->len,
-                                   input_data->x, (size_t) input_data->len,
-                                   output_data,
-                                   output_size, &output_length ) ==
-                 expected_result );
+                                   additional_data->len,
+                                   input_data->x, input_data->len,
+                                   output_data, output_size,
+                                   &output_length ) == expected_result );
 
     if( expected_result == PSA_SUCCESS )
     {
@@ -1024,13 +1008,12 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
-
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) == PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
     TEST_ASSERT( psa_get_key_information( slot,
                                           NULL,
                                           &key_bits ) == PSA_SUCCESS );
@@ -1042,13 +1025,13 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
     TEST_ASSERT( signature != NULL );
 
     TEST_ASSERT( psa_asymmetric_sign( slot, alg,
-                                      input_data->x, (size_t) input_data->len,
+                                      input_data->x, input_data->len,
                                       NULL, 0,
                                       signature, signature_size,
                                       &signature_length ) == PSA_SUCCESS );
-    TEST_ASSERT( signature_length == (size_t) output_data->len );
+    TEST_ASSERT( signature_length == output_data->len );
     TEST_ASSERT( memcmp( signature, output_data->x,
-                         (size_t) output_data->len ) == 0 );
+                         output_data->len ) == 0 );
 
 exit:
     psa_destroy_key( slot );
@@ -1082,18 +1065,15 @@ void sign_fail( int key_type_arg, data_t *key_data,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
-
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     actual_status = psa_asymmetric_sign( slot, alg,
-                                         input_data->x,
-                                         (size_t) input_data->len,
+                                         input_data->x, input_data->len,
                                          NULL, 0,
                                          signature, signature_size,
                                          &signature_length );
@@ -1111,6 +1091,8 @@ exit:
 void key_policy( int usage_arg, int alg_arg )
 {
     int key_slot = 1;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_usage_t usage = usage_arg;
     psa_key_type_t key_type = PSA_KEY_TYPE_AES;
     unsigned char key[32] = {0};
     psa_key_policy_t policy_set = {0};
@@ -1123,14 +1105,10 @@ void key_policy( int usage_arg, int alg_arg )
     psa_key_policy_init( &policy_set );
     psa_key_policy_init( &policy_get );
 
-    psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg );
-
-    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) ==
-                 (psa_key_usage_t) usage_arg );
-
-    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) ==
-                 (psa_algorithm_t) alg_arg );
+    psa_key_policy_set_usage( &policy_set, usage, alg );
 
+    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == usage );
+    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == alg );
     TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
@@ -1152,6 +1130,8 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
                       data_t *keypair )
 {
     int key_slot = 1;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_usage_t usage = usage_arg;
     size_t signature_length = 0;
     psa_key_policy_t policy = {0};
     int actual_status = PSA_SUCCESS;
@@ -1159,32 +1139,31 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, usage_arg, alg_arg );
-
+    psa_key_policy_set_usage( &policy, usage, alg );
     TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
 
-    if( usage_arg & PSA_KEY_USAGE_EXPORT )
+    if( usage & PSA_KEY_USAGE_EXPORT )
     {
         TEST_ASSERT( keypair != NULL );
         TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
-        TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
-                                     keypair->x, (size_t) keypair->len ) ==
-                     PSA_SUCCESS );
-        actual_status = psa_asymmetric_sign( key_slot,
-                                             (psa_algorithm_t) alg_arg,
+        TEST_ASSERT( psa_import_key( key_slot,
+                                     PSA_KEY_TYPE_RSA_KEYPAIR,
+                                     keypair->x,
+                                     keypair->len ) == PSA_SUCCESS );
+        actual_status = psa_asymmetric_sign( key_slot, alg,
                                              NULL, 0,
                                              NULL, 0,
                                              NULL, 0, &signature_length );
     }
 
-    if( usage_arg & PSA_KEY_USAGE_SIGN )
+    if( usage & PSA_KEY_USAGE_SIGN )
     {
         TEST_ASSERT( keypair != NULL );
         TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
-        TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
-                                     keypair->x, (size_t) keypair->len ) ==
-                     PSA_SUCCESS );
+        TEST_ASSERT( psa_import_key( key_slot,
+                                     PSA_KEY_TYPE_RSA_KEYPAIR,
+                                     keypair->x,
+                                     keypair->len ) == PSA_SUCCESS );
         actual_status = psa_export_key( key_slot, NULL, 0, NULL );
     }
 
@@ -1202,7 +1181,7 @@ void key_lifetime( int lifetime_arg )
     int key_slot = 1;
     psa_key_type_t key_type = PSA_ALG_CBC_BASE;
     unsigned char key[32] = {0};
-    psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
+    psa_key_lifetime_t lifetime_set = lifetime_arg;
     psa_key_lifetime_t lifetime_get;
 
     memset( key, 0x2a, sizeof( key ) );
@@ -1232,7 +1211,7 @@ void key_lifetime_set_fail( int key_slot_arg,
                             int expected_status_arg )
 {
     int key_slot = 1;
-    psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
+    psa_key_lifetime_t lifetime_set = lifetime_arg;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
 
@@ -1271,21 +1250,18 @@ void asymmetric_verify( int key_type_arg, data_t *key_data,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg );
-
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_asymmetric_verify( slot, alg,
-                                        hash_data->x, (size_t) hash_data->len,
+                                        hash_data->x, hash_data->len,
                                         NULL, 0,
                                         signature_data->x,
-                                        (size_t) signature_data->len ) ==
-                 PSA_SUCCESS );
+                                        signature_data->len ) == PSA_SUCCESS );
 exit:
     psa_destroy_key( slot );
     mbedtls_psa_crypto_free( );
@@ -1315,20 +1291,18 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg );
-
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     actual_status = psa_asymmetric_verify( slot, alg,
-                                           hash_data->x, (size_t) hash_data->len,
+                                           hash_data->x, hash_data->len,
                                            NULL, 0,
                                            signature_data->x,
-                                           (size_t) signature_data->len );
+                                           signature_data->len );
 
     TEST_ASSERT( actual_status == expected_status );
 
@@ -1358,7 +1332,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
 
-    output_size = (size_t) key_data->len;
+    output_size = key_data->len;
     output2_size = output_size;
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
@@ -1370,33 +1344,29 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy,
                               PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
-                              alg_arg );
+                              alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     /* We test encryption by checking that encrypt-then-decrypt gives back
      * the original plaintext because of the non-optional random
      * part of encryption process which prevents using fixed vectors. */
     TEST_ASSERT( psa_asymmetric_encrypt( slot, alg,
-                                         input_data->x,
-                                         (size_t) input_data->len,
+                                         input_data->x, input_data->len,
                                          NULL, 0,
-                                         output,
-                                         output_size,
+                                         output, output_size,
                                          &output_length ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
-                                         output,
-                                         output_length,
+                                         output, output_length,
                                          NULL, 0,
-                                         output2,
-                                         output2_size,
+                                         output2, output2_size,
                                          &output2_length ) == PSA_SUCCESS );
     TEST_ASSERT( memcmp( input_data->x, output2,
-                         (size_t) input_data->len ) == 0 );
+                         input_data->len ) == 0 );
 
 exit:
     psa_destroy_key( slot );
@@ -1426,26 +1396,24 @@ void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
 
-    output_size = (size_t) key_data->len;
+    output_size = key_data->len;
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg_arg );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     actual_status = psa_asymmetric_encrypt( slot, alg,
-                                            input_data->x,
-                                            (size_t) input_data->len,
+                                            input_data->x, input_data->len,
                                             NULL, 0,
-                                            output,
-                                            output_size,
+                                            output, output_size,
                                             &output_length );
     TEST_ASSERT( actual_status == expected_status );
 
@@ -1476,28 +1444,27 @@ void asymmetric_decrypt( int key_type_arg, data_t *key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) );
 
-    output_size = (size_t) key_data->len;
+    output_size = key_data->len;
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg_arg );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
-                                         input_data->x,
-                                         (size_t) input_data->len,
+                                         input_data->x, input_data->len,
                                          NULL, 0,
                                          output,
                                          output_size,
                                          &output_length ) == PSA_SUCCESS );
-    TEST_ASSERT( ( (size_t) expected_size ) == output_length );
+    TEST_ASSERT( (size_t) expected_size == output_length );
     TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 );
 
 exit:
@@ -1527,26 +1494,24 @@ void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
 
-    output_size = (size_t) key_data->len;
+    output_size = key_data->len;
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg_arg );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     actual_status = psa_asymmetric_decrypt( slot, alg,
-                                            input_data->x,
-                                            (size_t) input_data->len,
+                                            input_data->x, input_data->len,
                                             NULL, 0,
-                                            output,
-                                            output_size,
+                                            output, output_size,
                                             &output_length );
     TEST_ASSERT( actual_status == expected_status );
 

From 01b929c85bfd2737402d2fcb57db86e845a42a0f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 16:40:34 +0200
Subject: [PATCH 07/20] Fix key_lifetime_set_fail not cleaning up the right key
 slot

---
 tests/suites/test_suite_psa_crypto.function | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 3786e57a3..01262e038 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1210,17 +1210,17 @@ void key_lifetime_set_fail( int key_slot_arg,
                             int lifetime_arg,
                             int expected_status_arg )
 {
-    int key_slot = 1;
+    psa_key_slot_t key_slot = key_slot_arg;
     psa_key_lifetime_t lifetime_set = lifetime_arg;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
+    actual_status = psa_set_key_lifetime( key_slot, lifetime_set );
 
     if( actual_status == PSA_SUCCESS )
-        actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
+        actual_status = psa_set_key_lifetime( key_slot, lifetime_set );
 
     TEST_ASSERT( expected_status == actual_status );
 

From c0ec97222b5e8a94bfa8c05cf2c022cee92295a3 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 17:03:37 +0200
Subject: [PATCH 08/20] mac_verify: remove unused IV argument

We aren't going to have MAC with IV in the API any time soon, if at
all, so remove the embryonic support for it in the tests.
---
 tests/suites/test_suite_psa_crypto.data     | 52 ++++++++++-----------
 tests/suites/test_suite_psa_crypto.function | 12 ++---
 2 files changed, 32 insertions(+), 32 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 41a597de6..8a2e88eda 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -63,107 +63,107 @@ hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5
 
 PSA MAC verify: HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"53616d706c65206d65737361676520666f72206b65796c656e3d626c6f636b6c656e":"8bb9a1db9806f20df7f77b82138c7914d174d59e13dc4d0169c9057b133e1d62"
+mac_verify:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):"53616d706c65206d65737361676520666f72206b65796c656e3d626c6f636b6c656e":"8bb9a1db9806f20df7f77b82138c7914d174d59e13dc4d0169c9057b133e1d62"
 
 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-224
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
 
 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
 
 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-384
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
 
 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-512
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
 
 PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-224
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44"
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_224):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44"
 
 PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843"
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_256):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843"
 
 PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-384
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649"
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_384):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649"
 
 PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-512
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737"
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_512):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737"
 
 PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-224
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea"
 
 PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe"
 
 PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-384
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27"
 
 PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-512
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb"
 
 PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-224
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a"
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_224):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a"
 
 PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b"
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_256):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b"
 
 PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-384
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb"
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_384):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb"
 
 PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-512
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd"
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_512):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd"
 
 PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-224
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e"
 
 PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54"
 
 PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-384
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952"
 
 PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-512
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598"
 
 PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-224
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1"
 
 PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2"
 
 PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-384
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e"
 
 PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-512
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58"
 
 PSA MAC verify: CMAC-AES-128
 depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
-mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
 
 PSA Symmetric encryption: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 01262e038..a89bdf90e 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -265,9 +265,11 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void mac_verify( int key_type_arg, data_t *key,
-                 int alg_arg, data_t *iv,
-                 data_t *input, data_t *expected_mac )
+void mac_verify( int key_type_arg,
+                 data_t *key,
+                 int alg_arg,
+                 data_t *input,
+                 data_t *expected_mac )
 {
     int key_slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -276,11 +278,9 @@ void mac_verify( int key_type_arg, data_t *key,
     psa_key_policy_t policy;
 
     TEST_ASSERT( key != NULL );
-    TEST_ASSERT( iv != NULL );
     TEST_ASSERT( input != NULL );
     TEST_ASSERT( expected_mac != NULL );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( iv->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_mac->len ) );
 
@@ -292,7 +292,7 @@ void mac_verify( int key_type_arg, data_t *key,
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
-    // TODO: support IV
+
     TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
     TEST_ASSERT( psa_mac_update( &operation,

From dec7261df175daac4a4ace5f3733485e8a372620 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 18:12:37 +0200
Subject: [PATCH 09/20] Remove redundant initialization of policies to {0}

Some compilers don't like initializing a structure to {0} (incomplete
initializer). It's redundant anyway since we always call
psa_key_policy_init.
---
 tests/suites/test_suite_psa_crypto.function | 32 ++++++++++-----------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index a89bdf90e..a88e02fd7 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -73,7 +73,7 @@ void import_export( data_t *data,
     size_t reexported_length;
     psa_key_type_t got_type;
     size_t got_bits;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( data != NULL );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
@@ -161,7 +161,7 @@ void import_export_public_key( data_t *data,
     size_t exported_length;
     psa_key_type_t got_type;
     size_t got_bits;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( data != NULL );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
@@ -791,7 +791,7 @@ void aead_encrypt_decrypt( int key_type_arg,
     size_t output_length2 = 0;
     size_t tag_length = 16;
     psa_status_t expected_result = expected_result_arg;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
@@ -863,7 +863,7 @@ void aead_encrypt( int key_type_arg, data_t * key_data,
     size_t output_size = 0;
     size_t output_length = 0;
     size_t tag_length = 16;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
@@ -920,7 +920,7 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
     size_t output_size = 0;
     size_t output_length = 0;
     size_t tag_length = 16;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
     psa_status_t expected_result = expected_result_arg;
 
     TEST_ASSERT( key_data != NULL );
@@ -996,7 +996,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
     unsigned char *signature = NULL;
     size_t signature_size;
     size_t signature_length = 0xdeadbeef;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
@@ -1052,7 +1052,7 @@ void sign_fail( int key_type_arg, data_t *key_data,
     psa_status_t expected_status = expected_status_arg;
     unsigned char *signature = NULL;
     size_t signature_length = 0xdeadbeef;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
@@ -1095,8 +1095,8 @@ void key_policy( int usage_arg, int alg_arg )
     psa_key_usage_t usage = usage_arg;
     psa_key_type_t key_type = PSA_KEY_TYPE_AES;
     unsigned char key[32] = {0};
-    psa_key_policy_t policy_set = {0};
-    psa_key_policy_t policy_get = {0};
+    psa_key_policy_t policy_set;
+    psa_key_policy_t policy_get;
 
     memset( key, 0x2a, sizeof( key ) );
 
@@ -1133,7 +1133,7 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
     psa_algorithm_t alg = alg_arg;
     psa_key_usage_t usage = usage_arg;
     size_t signature_length = 0;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
     int actual_status = PSA_SUCCESS;
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@@ -1238,7 +1238,7 @@ void asymmetric_verify( int key_type_arg, data_t *key_data,
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( hash_data != NULL );
@@ -1279,7 +1279,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
     psa_algorithm_t alg = alg_arg;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( hash_data != NULL );
@@ -1325,7 +1325,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
     unsigned char *output2 = NULL;
     size_t output2_size = 0;
     size_t output2_length = 0;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
@@ -1389,7 +1389,7 @@ void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data,
     size_t output_length = 0;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
@@ -1435,7 +1435,7 @@ void asymmetric_decrypt( int key_type_arg, data_t *key_data,
     unsigned char *output = NULL;
     size_t output_size = 0;
     size_t output_length = 0;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
@@ -1487,7 +1487,7 @@ void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data,
     size_t output_length = 0;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );

From b3e6e5deebb7ffbe68b11ab19a9090aa9494b651 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 22:16:43 +0200
Subject: [PATCH 10/20] Rename hash max sizes for consistency

Use "hash" throughout the library, not "md" as in Mbed TLS.
---
 include/psa/crypto_struct.h                 | 10 +++----
 library/psa_crypto.c                        | 33 +--------------------
 tests/suites/test_suite_psa_crypto.function |  3 +-
 3 files changed, 7 insertions(+), 39 deletions(-)

diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 4b0f9799b..0dbd86c18 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -46,11 +46,11 @@
 #include "mbedtls/sha512.h"
 
 #if defined(MBEDTLS_SHA512_C)
-#define PSA_CRYPTO_MD_MAX_SIZE 64
-#define PSA_CRYPTO_MD_BLOCK_SIZE 128
+#define PSA_HASH_MAX_SIZE 64
+#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
 #else
-#define PSA_CRYPTO_MD_MAX_SIZE 32
-#define PSA_CRYPTO_MD_BLOCK_SIZE 64
+#define PSA_HASH_MAX_SIZE 32
+#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64
 #endif
 
 struct psa_hash_operation_s
@@ -89,7 +89,7 @@ typedef struct
         /** The hash context. */
         struct psa_hash_operation_s hash_ctx;
         /** The HMAC part of the context. */
-        uint8_t opad[PSA_CRYPTO_MD_BLOCK_SIZE];
+        uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
 } psa_hmac_internal_data;
 
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index e5ac7bd81..446c90ea0 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -614,37 +614,6 @@ static const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg )
     }
 }
 
-#if 0
-static psa_algorithm_t mbedtls_md_alg_to_psa( mbedtls_md_type_t md_alg )
-{
-    switch( md_alg )
-    {
-        case MBEDTLS_MD_NONE:
-            return( 0 );
-        case MBEDTLS_MD_MD2:
-            return( PSA_ALG_MD2 );
-        case MBEDTLS_MD_MD4:
-            return( PSA_ALG_MD4 );
-        case MBEDTLS_MD_MD5:
-            return( PSA_ALG_MD5 );
-        case MBEDTLS_MD_SHA1:
-            return( PSA_ALG_SHA_1 );
-        case MBEDTLS_MD_SHA224:
-            return( PSA_ALG_SHA_224 );
-        case MBEDTLS_MD_SHA256:
-            return( PSA_ALG_SHA_256 );
-        case MBEDTLS_MD_SHA384:
-            return( PSA_ALG_SHA_384 );
-        case MBEDTLS_MD_SHA512:
-            return( PSA_ALG_SHA_512 );
-        case MBEDTLS_MD_RIPEMD160:
-            return( PSA_ALG_RIPEMD160 );
-        default:
-            return( 0 );
-    }
-}
-#endif
-
 psa_status_t psa_hash_abort( psa_hash_operation_t *operation )
 {
     switch( operation->alg )
@@ -1081,7 +1050,7 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
                            key_slot_t *slot,
                            psa_algorithm_t alg )
 {
-    unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE];
+    unsigned char ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
     unsigned char *opad = operation->ctx.hmac.opad;
     size_t i;
     size_t block_size =
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index a88e02fd7..69deba11e 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1,7 +1,6 @@
 /* BEGIN_HEADER */
 #include <stdint.h>
 #include "psa/crypto.h"
-#include "mbedtls/md.h"
 
 #if(UINT32_MAX > SIZE_MAX)
 #define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) ( ( x ) <= SIZE_MAX )
@@ -212,7 +211,7 @@ exit:
 void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
 {
     psa_algorithm_t alg = alg_arg;
-    unsigned char actual_hash[MBEDTLS_MD_MAX_SIZE];
+    unsigned char actual_hash[PSA_HASH_MAX_SIZE];
     size_t actual_hash_length;
     psa_hash_operation_t operation;
 

From e1fed0de18e83884d95faef3796432cfccb61ac3 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 20:45:45 +0200
Subject: [PATCH 11/20] Define elliptic curve identifiers from TLS

Instead of rolling our own list of elliptic curve identifiers, use one
from somewhere. Pick TLS because it's the right size (16 bits) and
it's as good as any.
---
 include/psa/crypto.h                    | 50 ++++++++++++++++++++++++-
 tests/suites/test_suite_psa_crypto.data | 10 ++---
 2 files changed, 54 insertions(+), 6 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index c513b24c2..28103c78b 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -357,7 +357,6 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_DSA_KEYPAIR                ((psa_key_type_t)0x07020000)
 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE        ((psa_key_type_t)0x06030000)
 #define PSA_KEY_TYPE_ECC_KEYPAIR_BASE           ((psa_key_type_t)0x07030000)
-#define PSA_KEY_TYPE_ECC_CURVE_NISTP256R1       ((psa_key_type_t)0x00000001)
 #define PSA_KEY_TYPE_ECC_CURVE_MASK             ((psa_key_type_t)0x0000ffff)
 #define PSA_KEY_TYPE_ECC_KEYPAIR(curve)         \
     (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve))
@@ -397,6 +396,55 @@ typedef uint32_t psa_key_type_t;
     ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) &                        \
       ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
 
+/** The type of PSA elliptic curve identifiers. */
+typedef uint16_t psa_ecc_curve_t;
+/** Extract the curve from an elliptic curve key type. */
+#define PSA_KEY_TYPE_GET_CURVE(type)                             \
+    ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ?              \
+                        ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
+                        0))
+
+/* The encoding of curve identifiers is currently aligned with the
+ * TLS Supported Groups Registry (formerly known as the
+ * TLS EC Named Curve Registry)
+ * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
+ * The values are defined by RFC 4492, RFC 7027 and RFC 7919. */
+#define PSA_ECC_CURVE_SECT163K1         ((psa_ecc_curve_t) 0x0001)
+#define PSA_ECC_CURVE_SECT163R1         ((psa_ecc_curve_t) 0x0002)
+#define PSA_ECC_CURVE_SECT163R2         ((psa_ecc_curve_t) 0x0003)
+#define PSA_ECC_CURVE_SECT193R1         ((psa_ecc_curve_t) 0x0004)
+#define PSA_ECC_CURVE_SECT193R2         ((psa_ecc_curve_t) 0x0005)
+#define PSA_ECC_CURVE_SECT233K1         ((psa_ecc_curve_t) 0x0006)
+#define PSA_ECC_CURVE_SECT233R1         ((psa_ecc_curve_t) 0x0007)
+#define PSA_ECC_CURVE_SECT239K1         ((psa_ecc_curve_t) 0x0008)
+#define PSA_ECC_CURVE_SECT283K1         ((psa_ecc_curve_t) 0x0009)
+#define PSA_ECC_CURVE_SECT283R1         ((psa_ecc_curve_t) 0x000a)
+#define PSA_ECC_CURVE_SECT409K1         ((psa_ecc_curve_t) 0x000b)
+#define PSA_ECC_CURVE_SECT409R1         ((psa_ecc_curve_t) 0x000c)
+#define PSA_ECC_CURVE_SECT571K1         ((psa_ecc_curve_t) 0x000d)
+#define PSA_ECC_CURVE_SECT571R1         ((psa_ecc_curve_t) 0x000e)
+#define PSA_ECC_CURVE_SECP160K1         ((psa_ecc_curve_t) 0x000f)
+#define PSA_ECC_CURVE_SECP160R1         ((psa_ecc_curve_t) 0x0010)
+#define PSA_ECC_CURVE_SECP160R2         ((psa_ecc_curve_t) 0x0011)
+#define PSA_ECC_CURVE_SECP192K1         ((psa_ecc_curve_t) 0x0012)
+#define PSA_ECC_CURVE_SECP192R1         ((psa_ecc_curve_t) 0x0013)
+#define PSA_ECC_CURVE_SECP224K1         ((psa_ecc_curve_t) 0x0014)
+#define PSA_ECC_CURVE_SECP224R1         ((psa_ecc_curve_t) 0x0015)
+#define PSA_ECC_CURVE_SECP256K1         ((psa_ecc_curve_t) 0x0016)
+#define PSA_ECC_CURVE_SECP256R1         ((psa_ecc_curve_t) 0x0017)
+#define PSA_ECC_CURVE_SECP384R1         ((psa_ecc_curve_t) 0x0018)
+#define PSA_ECC_CURVE_SECP521R1         ((psa_ecc_curve_t) 0x0019)
+#define PSA_ECC_CURVE_BRAINPOOL_P256R1  ((psa_ecc_curve_t) 0x001a)
+#define PSA_ECC_CURVE_BRAINPOOL_P384R1  ((psa_ecc_curve_t) 0x001b)
+#define PSA_ECC_CURVE_BRAINPOOL_P512R1  ((psa_ecc_curve_t) 0x001c)
+#define PSA_ECC_CURVE_CURVE25519        ((psa_ecc_curve_t) 0x001d)
+#define PSA_ECC_CURVE_CURVE448          ((psa_ecc_curve_t) 0x001e)
+#define PSA_ECC_CURVE_FFDHE_2048        ((psa_ecc_curve_t) 0x0100)
+#define PSA_ECC_CURVE_FFDHE_3072        ((psa_ecc_curve_t) 0x0101)
+#define PSA_ECC_CURVE_FFDHE_4096        ((psa_ecc_curve_t) 0x0102)
+#define PSA_ECC_CURVE_FFDHE_6144        ((psa_ecc_curve_t) 0x0103)
+#define PSA_ECC_CURVE_FFDHE_8192        ((psa_ecc_curve_t) 0x0104)
+
 /** The block size of a block cipher.
  *
  * \param type  A cipher key type (value of type #psa_key_type_t).
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 8a2e88eda..ff96c9024 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -51,7 +51,7 @@ import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA
 
 PSA import/export EC secp256r1: good
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
+import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
 
 PSA hash finish: SHA-256
 depends_on:MBEDTLS_SHA256_C
@@ -340,7 +340,7 @@ sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84
 
 PSA sign ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
-sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
 PSA sign RSA PKCS#1 v1.5 SHA-256, wrong hash size
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
@@ -383,15 +383,15 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
 
 PSA sign ECDSA SECP256R1 SHA-256, output buffer too small
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL
 
 PSA sign ECDSA SECP256R1, invalid md alg
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
 PSA verify ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
 PSA encrypt-decrypt using RSA PKCS#1 v1.5 vector #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15

From 34ef7f5a552c5a11365c03f5f6de88ebce2098fe Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 20:47:51 +0200
Subject: [PATCH 12/20] Check the curve of an elliptic curve key on import

psa_import_key must check that the imported key data matches the
expected key type. Implement the missing check for EC keys that the
curve is the expected one.
---
 library/psa_crypto.c                    | 47 +++++++++++++++++++++++--
 tests/suites/test_suite_psa_crypto.data |  8 +++++
 2 files changed, 52 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 446c90ea0..603a5101c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -311,6 +311,41 @@ static psa_status_t mbedtls_to_psa_error( int ret )
 /* Key management */
 /****************************************************************/
 
+static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid )
+{
+    switch( grpid )
+    {
+        case MBEDTLS_ECP_DP_SECP192R1:
+            return( PSA_ECC_CURVE_SECP192R1 );
+        case MBEDTLS_ECP_DP_SECP224R1:
+            return( PSA_ECC_CURVE_SECP224R1 );
+        case MBEDTLS_ECP_DP_SECP256R1:
+            return( PSA_ECC_CURVE_SECP256R1 );
+        case MBEDTLS_ECP_DP_SECP384R1:
+            return( PSA_ECC_CURVE_SECP384R1 );
+        case MBEDTLS_ECP_DP_SECP521R1:
+            return( PSA_ECC_CURVE_SECP521R1 );
+        case MBEDTLS_ECP_DP_BP256R1:
+            return( PSA_ECC_CURVE_BRAINPOOL_P256R1 );
+        case MBEDTLS_ECP_DP_BP384R1:
+            return( PSA_ECC_CURVE_BRAINPOOL_P384R1 );
+        case MBEDTLS_ECP_DP_BP512R1:
+            return( PSA_ECC_CURVE_BRAINPOOL_P512R1 );
+        case MBEDTLS_ECP_DP_CURVE25519:
+            return( PSA_ECC_CURVE_CURVE25519 );
+        case MBEDTLS_ECP_DP_SECP192K1:
+            return( PSA_ECC_CURVE_SECP192K1 );
+        case MBEDTLS_ECP_DP_SECP224K1:
+            return( PSA_ECC_CURVE_SECP224K1 );
+        case MBEDTLS_ECP_DP_SECP256K1:
+            return( PSA_ECC_CURVE_SECP256K1 );
+        case MBEDTLS_ECP_DP_CURVE448:
+            return( PSA_ECC_CURVE_CURVE448 );
+        default:
+            return( 0 );
+    }
+}
+
 psa_status_t psa_import_key( psa_key_slot_t key,
                              psa_key_type_t type,
                              const uint8_t *data,
@@ -356,7 +391,7 @@ psa_status_t psa_import_key( psa_key_slot_t key,
             case MBEDTLS_PK_RSA:
                 if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
                     type == PSA_KEY_TYPE_RSA_KEYPAIR )
-                    slot->data.rsa = pk.pk_ctx;
+                    slot->data.rsa = mbedtls_pk_rsa( pk );
                 else
                     return( PSA_ERROR_INVALID_ARGUMENT );
                 break;
@@ -365,8 +400,14 @@ psa_status_t psa_import_key( psa_key_slot_t key,
             case MBEDTLS_PK_ECKEY:
                 if( PSA_KEY_TYPE_IS_ECC( type ) )
                 {
-                    // TODO: check curve
-                    slot->data.ecp = pk.pk_ctx;
+                    mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
+                    psa_ecc_curve_t actual_curve =
+                        mbedtls_ecc_group_to_psa( ecp->grp.id );
+                    psa_ecc_curve_t expected_curve =
+                        PSA_KEY_TYPE_GET_CURVE( type );
+                    if( actual_curve != expected_curve )
+                        return( PSA_ERROR_INVALID_ARGUMENT );
+                    slot->data.ecp = ecp;
                 }
                 else
                     return( PSA_ERROR_INVALID_ARGUMENT );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index ff96c9024..3e4465cc0 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -53,6 +53,14 @@ PSA import/export EC secp256r1: good
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
 
+PSA import/export EC secp384r1: good
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
+
+PSA import EC keypair secp384r1: wrong curve
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
+
 PSA hash finish: SHA-256
 depends_on:MBEDTLS_SHA256_C
 hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"

From d5b3322f72fe56fa4db898bcf2586c68ad14b1cf Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 22:20:03 +0200
Subject: [PATCH 13/20] Reorder PSA test cases to group them by topic

* init-deinit
* import-export
* policies
* lifetime
* hash
* MAC
* cipher
* AEAD
* asymmetric sign
* asymmetric verify
* asymmetric encrypt-decrypt

This commit only moves test functions and test cases around. It does
not modify, add or remove tests.
---
 tests/suites/test_suite_psa_crypto.data     |  54 ++--
 tests/suites/test_suite_psa_crypto.function | 286 ++++++++++----------
 2 files changed, 170 insertions(+), 170 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 3e4465cc0..b1a372cdc 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -61,6 +61,27 @@ PSA import EC keypair secp384r1: wrong curve
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
 
+PSA Key Policy set and get
+key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE
+
+PSA Key Policy enforcement - export
+key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+PSA Key Policy enforcement - sign
+key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+PSA Key Lifetime set and get volatile
+key_lifetime:PSA_KEY_LIFETIME_VOLATILE
+
+PSA Key Lifetime set fail, invalid key slot
+key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+PSA Key Lifetime set fail, can not change write_once lifetime
+key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
+
+PSA Key Lifetime set fail, invalid key lifetime value
+key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
+
 PSA hash finish: SHA-256
 depends_on:MBEDTLS_SHA256_C
 hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
@@ -356,17 +377,13 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5
 PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
 
-PSA Key Policy set and get
-key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE
+PSA sign ECDSA SECP256R1 SHA-256, output buffer too small
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL
 
-PSA Key Policy enforcement - export
-key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
-
-PSA Key Policy enforcement - sign
-key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
-
-PSA Key Lifetime set and get volatile
-key_lifetime:PSA_KEY_LIFETIME_VOLATILE
+PSA sign ECDSA SECP256R1, invalid md alg
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
 PSA verify RSA PKCS#1 v1.5 signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
@@ -380,23 +397,6 @@ PSA verify RSA PKCS#1 v1.5 SHA-256, wrong signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
 
-PSA Key Lifetime set fail, invalid key slot
-key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
-
-PSA Key Lifetime set fail, can not change write_once lifetime
-key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
-
-PSA Key Lifetime set fail, invalid key lifetime value
-key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
-
-PSA sign ECDSA SECP256R1 SHA-256, output buffer too small
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL
-
-PSA sign ECDSA SECP256R1, invalid md alg
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
-
 PSA verify ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 69deba11e..9dbf0340d 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -207,6 +207,149 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void key_policy( int usage_arg, int alg_arg )
+{
+    int key_slot = 1;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_usage_t usage = usage_arg;
+    psa_key_type_t key_type = PSA_KEY_TYPE_AES;
+    unsigned char key[32] = {0};
+    psa_key_policy_t policy_set;
+    psa_key_policy_t policy_get;
+
+    memset( key, 0x2a, sizeof( key ) );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy_set );
+    psa_key_policy_init( &policy_get );
+
+    psa_key_policy_set_usage( &policy_set, usage, alg );
+
+    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == usage );
+    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, sizeof( key ) ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS );
+
+    TEST_ASSERT( policy_get.usage == policy_set.usage );
+    TEST_ASSERT( policy_get.alg == policy_set.alg );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
+                      data_t *keypair )
+{
+    int key_slot = 1;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_usage_t usage = usage_arg;
+    size_t signature_length = 0;
+    psa_key_policy_t policy;
+    int actual_status = PSA_SUCCESS;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, usage, alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
+    if( usage & PSA_KEY_USAGE_EXPORT )
+    {
+        TEST_ASSERT( keypair != NULL );
+        TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
+        TEST_ASSERT( psa_import_key( key_slot,
+                                     PSA_KEY_TYPE_RSA_KEYPAIR,
+                                     keypair->x,
+                                     keypair->len ) == PSA_SUCCESS );
+        actual_status = psa_asymmetric_sign( key_slot, alg,
+                                             NULL, 0,
+                                             NULL, 0,
+                                             NULL, 0, &signature_length );
+    }
+
+    if( usage & PSA_KEY_USAGE_SIGN )
+    {
+        TEST_ASSERT( keypair != NULL );
+        TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
+        TEST_ASSERT( psa_import_key( key_slot,
+                                     PSA_KEY_TYPE_RSA_KEYPAIR,
+                                     keypair->x,
+                                     keypair->len ) == PSA_SUCCESS );
+        actual_status = psa_export_key( key_slot, NULL, 0, NULL );
+    }
+
+    TEST_ASSERT( actual_status == expected_status );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_lifetime( int lifetime_arg )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = PSA_ALG_CBC_BASE;
+    unsigned char key[32] = {0};
+    psa_key_lifetime_t lifetime_set = lifetime_arg;
+    psa_key_lifetime_t lifetime_get;
+
+    memset( key, 0x2a, sizeof( key ) );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_set_key_lifetime( key_slot,
+                                       lifetime_set ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, sizeof( key ) ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_get_key_lifetime( key_slot,
+                                       &lifetime_get ) == PSA_SUCCESS );
+
+    TEST_ASSERT( lifetime_get == lifetime_set );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_lifetime_set_fail( int key_slot_arg,
+                            int lifetime_arg,
+                            int expected_status_arg )
+{
+    psa_key_slot_t key_slot = key_slot_arg;
+    psa_key_lifetime_t lifetime_set = lifetime_arg;
+    psa_status_t actual_status;
+    psa_status_t expected_status = expected_status_arg;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    actual_status = psa_set_key_lifetime( key_slot, lifetime_set );
+
+    if( actual_status == PSA_SUCCESS )
+        actual_status = psa_set_key_lifetime( key_slot, lifetime_set );
+
+    TEST_ASSERT( expected_status == actual_status );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
 {
@@ -1086,149 +1229,6 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
-void key_policy( int usage_arg, int alg_arg )
-{
-    int key_slot = 1;
-    psa_algorithm_t alg = alg_arg;
-    psa_key_usage_t usage = usage_arg;
-    psa_key_type_t key_type = PSA_KEY_TYPE_AES;
-    unsigned char key[32] = {0};
-    psa_key_policy_t policy_set;
-    psa_key_policy_t policy_get;
-
-    memset( key, 0x2a, sizeof( key ) );
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    psa_key_policy_init( &policy_set );
-    psa_key_policy_init( &policy_get );
-
-    psa_key_policy_set_usage( &policy_set, usage, alg );
-
-    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == usage );
-    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, sizeof( key ) ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS );
-
-    TEST_ASSERT( policy_get.usage == policy_set.usage );
-    TEST_ASSERT( policy_get.alg == policy_set.alg );
-
-exit:
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
-                      data_t *keypair )
-{
-    int key_slot = 1;
-    psa_algorithm_t alg = alg_arg;
-    psa_key_usage_t usage = usage_arg;
-    size_t signature_length = 0;
-    psa_key_policy_t policy;
-    int actual_status = PSA_SUCCESS;
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    psa_key_policy_init( &policy );
-    psa_key_policy_set_usage( &policy, usage, alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
-
-    if( usage & PSA_KEY_USAGE_EXPORT )
-    {
-        TEST_ASSERT( keypair != NULL );
-        TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
-        TEST_ASSERT( psa_import_key( key_slot,
-                                     PSA_KEY_TYPE_RSA_KEYPAIR,
-                                     keypair->x,
-                                     keypair->len ) == PSA_SUCCESS );
-        actual_status = psa_asymmetric_sign( key_slot, alg,
-                                             NULL, 0,
-                                             NULL, 0,
-                                             NULL, 0, &signature_length );
-    }
-
-    if( usage & PSA_KEY_USAGE_SIGN )
-    {
-        TEST_ASSERT( keypair != NULL );
-        TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
-        TEST_ASSERT( psa_import_key( key_slot,
-                                     PSA_KEY_TYPE_RSA_KEYPAIR,
-                                     keypair->x,
-                                     keypair->len ) == PSA_SUCCESS );
-        actual_status = psa_export_key( key_slot, NULL, 0, NULL );
-    }
-
-    TEST_ASSERT( actual_status == expected_status );
-
-exit:
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_lifetime( int lifetime_arg )
-{
-    int key_slot = 1;
-    psa_key_type_t key_type = PSA_ALG_CBC_BASE;
-    unsigned char key[32] = {0};
-    psa_key_lifetime_t lifetime_set = lifetime_arg;
-    psa_key_lifetime_t lifetime_get;
-
-    memset( key, 0x2a, sizeof( key ) );
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_set_key_lifetime( key_slot,
-                                       lifetime_set ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, sizeof( key ) ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_get_key_lifetime( key_slot,
-                                       &lifetime_get ) == PSA_SUCCESS );
-
-    TEST_ASSERT( lifetime_get == lifetime_set );
-
-exit:
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_lifetime_set_fail( int key_slot_arg,
-                            int lifetime_arg,
-                            int expected_status_arg )
-{
-    psa_key_slot_t key_slot = key_slot_arg;
-    psa_key_lifetime_t lifetime_set = lifetime_arg;
-    psa_status_t actual_status;
-    psa_status_t expected_status = expected_status_arg;
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    actual_status = psa_set_key_lifetime( key_slot, lifetime_set );
-
-    if( actual_status == PSA_SUCCESS )
-        actual_status = psa_set_key_lifetime( key_slot, lifetime_set );
-
-    TEST_ASSERT( expected_status == actual_status );
-
-exit:
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
 /* BEGIN_CASE */
 void asymmetric_verify( int key_type_arg, data_t *key_data,
                         int alg_arg, data_t *hash_data,

From 313b8af18e6a85303d50eeafe7cd704d0bcd2fd9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 22:45:01 +0200
Subject: [PATCH 14/20] Improve the description of some test cases

Make the descriptions more consistent.
---
 tests/suites/test_suite_psa_crypto.data | 142 ++++++++++++------------
 1 file changed, 71 insertions(+), 71 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b1a372cdc..0d7a31bdf 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -17,7 +17,7 @@ PSA import/export RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
 
-PSA import/export RSA keypair usage encrypt: bad, plicy usage set to ENCRYPT instead of EXPORT 1024-bit
+PSA import/export RSA keypair: policy forbids export
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
 
@@ -45,7 +45,7 @@ PSA import/export-public PSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS
 
-PSA import/export-public symmetric key: bad, try to use export public key with symmetric key type 128-bit
+PSA import/export-public: cannot export-public a symmetric key
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:162:PSA_ERROR_INVALID_ARGUMENT
 
@@ -61,25 +61,25 @@ PSA import EC keypair secp384r1: wrong curve
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
 
-PSA Key Policy set and get
+PSA key policy set and get
 key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE
 
-PSA Key Policy enforcement - export
+PSA key policy enforcement: export
 key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
 
-PSA Key Policy enforcement - sign
+PSA key policy enforcement: sign
 key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
 
-PSA Key Lifetime set and get volatile
+PSA key lifetime: set and get volatile
 key_lifetime:PSA_KEY_LIFETIME_VOLATILE
 
-PSA Key Lifetime set fail, invalid key slot
+PSA key lifetime set: invalid key slot
 key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
 
-PSA Key Lifetime set fail, can not change write_once lifetime
+PSA key lifetime set: cannot change write_once lifetime
 key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
 
-PSA Key Lifetime set fail, invalid key lifetime value
+PSA key lifetime set: invalid key lifetime value
 key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
 
 PSA hash finish: SHA-256
@@ -194,152 +194,152 @@ PSA MAC verify: CMAC-AES-128
 depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
 mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
 
-PSA Symmetric encryption: AES-CBC-nopad, 16 bytes, good
+PSA symmetric encrypt: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
 
-PSA Symmetric encryption: AES-CBC-PKCS#7, 16 bytes, good
+PSA symmetric encrypt: AES-CBC-PKCS#7, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS
 
-PSA Symmetric encryption: AES-CBC-PKCS#7, 15 bytes, good
+PSA symmetric encrypt: AES-CBC-PKCS#7, 15 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS
 
-PSA Symmetric encryption: AES-CBC-nopad, input too short
+PSA symmetric encrypt: AES-CBC-nopad, input too short
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
 
-PSA Symmetric encryption: AES-CTR, 16 bytes, good
+PSA symmetric encrypt: AES-CTR, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
 cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
 
-PSA Symmetric encryption: AES-CTR, 15 bytes, good
+PSA symmetric encrypt: AES-CTR, 15 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
 cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
 
-PSA Symmetric decryption: AES-CBC-nopad, 16 bytes, good
+PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
 
-PSA Symmetric decryption: AES-CBC-PKCS#7, 16 bytes, good
+PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
 
-PSA Symmetric decryption: AES-CBC-PKCS#7, 15 bytes, good
+PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS
 
-PSA Symmetric decryption: AES-CBC-PKCS#7, 15 bytes, bad - cipher full block expected
+PSA symmetric decrypt: AES-CBC-PKCS#7, input too short (15 bytes)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE
 
-PSA Symmetric decryption: AES-CTR, 16 bytes, good
+PSA symmetric decrypt: AES-CTR, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
 cipher_decrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS
 
-PSA Symmetric decryption: AES-CBC-nopad, input too short
+PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE
 
-PSA Symmetric encryption/decryption: AES-CBC-nopad, 16 bytes, good
+PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric encryption/decryption: AES-CBC-PKCS#7, 16 bytes
+PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 16 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric encryption/decryption: AES-CBC-PKCS#7, 15 bytes
+PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 15 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
 
-PSA Symmetric encryption/decryption: AES-CTR
+PSA symmetric encrypt/decrypt: AES-CTR
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
 cipher_verify_output:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes
+PSA symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes
+PSA symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes
+PSA symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes
+PSA symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes
+PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes
+PSA symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes
+PSA symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric encryption + decryption multipart: AES-CBC-nopad, 11+5 bytes
+PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11
 
-PSA Symmetric encryption + decryption multipart: AES-CBC-PKCS#7 padding, 4+12 bytes
+PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7 padding, 4+12 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
 
-PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 1
+PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":"000102030405060708090A0B":PSA_SUCCESS
 
-PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 2
+PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #2
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
 
-PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid key type
+PSA AEAD encrypt/decrypt: DES-CCM not supported
 aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
 
-PSA AEAD Encrypt, AES CCM - 23-bytes input
+PSA AEAD encrypt: AES-CCM, 23 bytes
 aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
 
-PSA AEAD Encrypt, AES CCM - 24-bytes input
+PSA AEAD encrypt: AES-CCM, 24 bytes
 aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
 
-PSA AEAD Decrypt, AES CCM - 39-bytes input
+PSA AEAD decrypt: AES-CCM, 39 bytes
 aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
 
-PSA AEAD Decrypt, AES CCM - 40-bytes input
+PSA AEAD decrypt, AES-CCM, 40 bytes
 aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
 
-PSA AEAD Decrypt, AES CCM - invalid signature
+PSA AEAD decrypt: AES-CCM, invalid signature
 aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
 
-PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 1
+PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes #1
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":PSA_SUCCESS
 
-PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 2
+PSA AEAD encrypt/decrypt, AES GCM, 19 bytes #2
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
 
-PSA AEAD Encrypt, AES GCM - 128-bytes input - 1
+PSA AEAD encrypt, AES-GCM, 128 bytes #1
 aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
 
-PSA AEAD Encrypt, AES GCM - 128-bytes input - 2
+PSA AEAD encrypt, AES-GCM, 128 bytes #2
 aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56"
 
-PSA AEAD Decrypt, AES GCM - 144-bytes input - 1
+PSA AEAD decrypt, AES-GCM, 144 bytes #1
 aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
 
-PSA AEAD Decrypt, AES GCM - 144-bytes input - 2
+PSA AEAD decrypt, AES-GCM, 144 bytes #2
 aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS
 
-PSA AEAD Decrypt, AES GCM - invalid signature
+PSA AEAD decrypt, AES-GCM, invalid signature
 aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE
 
-PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm
+PSA AEAD encrypt/decrypt: invalid algorithm (CTR)
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
 
 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
@@ -360,83 +360,83 @@ signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
 PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129
 
-PSA sign RSA PKCS#1 v1.5, raw
+PSA sign: RSA PKCS#1 v1.5, raw
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a"
 
-PSA sign RSA PKCS#1 v1.5 SHA-256
+PSA sign: RSA PKCS#1 v1.5 SHA-256
 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
 
-PSA sign ECDSA SECP256R1 SHA-256
+PSA sign: ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
 sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
-PSA sign RSA PKCS#1 v1.5 SHA-256, wrong hash size
+PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
 
-PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small
+PSA sign: RSA PKCS#1 v1.5 SHA-256, output buffer too small
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
 
-PSA sign ECDSA SECP256R1 SHA-256, output buffer too small
+PSA sign: ECDSA SECP256R1 SHA-256, output buffer too small
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL
 
-PSA sign ECDSA SECP256R1, invalid md alg
+PSA sign: ECDSA SECP256R1, invalid hash
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
 sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
-PSA verify RSA PKCS#1 v1.5 signature
+PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
 
-PSA verify RSA PKCS#1 v1.5 SHA-256, wrong hash
+PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
 
-PSA verify RSA PKCS#1 v1.5 SHA-256, wrong signature
+PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
 
-PSA verify ECDSA SECP256R1 SHA-256
+PSA verify: ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
-PSA encrypt-decrypt using RSA PKCS#1 v1.5 vector #1
+PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
 
-PSA encrypt-decrypt using RSA PKCS#1 v1.5 vector #2
+PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #2
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
 
-PSA encrypt using RSA PKCS#1 v1.5 fail - invalid algorithm
+PSA encrypt: invalid algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
-PSA encrypt using RSA PKCS#1 v1.5 fail - mangled key and incorrect key type
+PSA encrypt: RSA PKCS#1 v1.5: invalid key type
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
-PSA decrypt using RSA PKCS#1 v1.5 vector #1
+PSA decrypt: RSA PKCS#1 v1.5: good #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":32
 
-PSA decrypt using RSA PKCS#1 v1.5 vector #2
+PSA decrypt: RSA PKCS#1 v1.5: good #2
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":34
 
-PSA decrypt using RSA PKCS#1 v1.5 fail - invalid algorithm
+PSA decrypt: invalid algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
-PSA decrypt using RSA PKCS#1 v1.5 fail - mangled key and incorrect key type
+PSA decrypt: RSA PKCS#1 v1.5: incorrect key type
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
-PSA decrypt using RSA PKCS#1 v1.5 fail - input buffer too small
+PSA decrypt: RSA PKCS#1 v1.5, input too small
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT
 
-PSA decrypt using RSA PKCS#1 v1.5 fail - input buffer too large
+PSA decrypt: RSA PKCS#1 v1.5, input too large
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT

From 2d9d6db60f5fd0a4993d90e47f39462647624ad6 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 23:25:28 +0200
Subject: [PATCH 15/20] check-names: also check PSA files

Allow both mbedtls and psa identifiers in either set of files for now.
---
 tests/scripts/check-names.sh      | 2 +-
 tests/scripts/list-identifiers.sh | 2 +-
 tests/scripts/list-macros.sh      | 1 +
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/tests/scripts/check-names.sh b/tests/scripts/check-names.sh
index 4c66440e2..68493f91b 100755
--- a/tests/scripts/check-names.sh
+++ b/tests/scripts/check-names.sh
@@ -53,7 +53,7 @@ done
 for THING in identifiers; do
     printf "Names of $THING: "
     test -r $THING
-    BAD=$( grep -v '^mbedtls_[0-9a-z_]*[0-9a-z]$' $THING || true )
+    BAD=$( grep -E -v '^(mbedtls|psa)_[0-9a-z_]*[0-9a-z]$' $THING || true )
     if [ "x$BAD" = "x" ]; then
         echo "PASS"
     else
diff --git a/tests/scripts/list-identifiers.sh b/tests/scripts/list-identifiers.sh
index 130d9d63f..89daa68c7 100755
--- a/tests/scripts/list-identifiers.sh
+++ b/tests/scripts/list-identifiers.sh
@@ -7,7 +7,7 @@ if [ -d include/mbedtls ]; then :; else
     exit 1
 fi
 
-HEADERS=$( ls include/mbedtls/*.h | egrep -v 'compat-1\.3\.h|bn_mul' )
+HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h|bn_mul' )
 
 rm -f identifiers
 
diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh
index 3c84adba6..34d909517 100755
--- a/tests/scripts/list-macros.sh
+++ b/tests/scripts/list-macros.sh
@@ -8,6 +8,7 @@ if [ -d include/mbedtls ]; then :; else
 fi
 
 HEADERS=$( ls include/mbedtls/*.h | egrep -v 'compat-1\.3\.h' )
+HEADERS="$HEADERS configs/config-default.h"
 
 sed -n -e 's/.*#define \([a-zA-Z0-9_]*\).*/\1/p' $HEADERS \
     | egrep -v '^(asm|inline|EMIT|_CRT_SECURE_NO_DEPRECATE)$|^MULADDC_' \

From 828ed149d5bc65e7dbd1a0216e3458cfb7eed14a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 23:25:51 +0200
Subject: [PATCH 16/20] Rename MBEDTLS_xxx macros in psa_crypto.c to placate
 check-names.sh

---
 library/psa_crypto.c | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 603a5101c..1de19555f 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -92,7 +92,7 @@ static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
 
 /* Number of key slots (plus one because 0 is not used).
  * The value is a compile-time constant for now, for simplicity. */
-#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
+#define PSA_KEY_SLOT_COUNT 32
 
 typedef struct
 {
@@ -120,7 +120,7 @@ typedef struct
     int initialized;
     mbedtls_entropy_context entropy;
     mbedtls_ctr_drbg_context ctr_drbg;
-    key_slot_t key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT];
+    key_slot_t key_slots[PSA_KEY_SLOT_COUNT];
 } psa_global_data_t;
 
 static psa_global_data_t global_data;
@@ -353,7 +353,7 @@ psa_status_t psa_import_key( psa_key_slot_t key,
 {
     key_slot_t *slot;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_INVALID_ARGUMENT );
     slot = &global_data.key_slots[key];
     if( slot->type != PSA_KEY_TYPE_NONE )
@@ -431,7 +431,7 @@ psa_status_t psa_destroy_key( psa_key_slot_t key )
 {
     key_slot_t *slot;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_INVALID_ARGUMENT );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
@@ -477,7 +477,7 @@ psa_status_t psa_get_key_information( psa_key_slot_t key,
 {
     key_slot_t *slot;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_EMPTY_SLOT );
     slot = &global_data.key_slots[key];
     if( type != NULL )
@@ -527,7 +527,7 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
 {
     key_slot_t *slot;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_EMPTY_SLOT );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
@@ -1166,7 +1166,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     key_slot_t *slot;
     psa_key_type_t key_type;
     size_t key_bits;
-    const mbedtls_cipher_info_t *cipher_info;
+    const mbedtls_cipher_info_t *cipher_info = NULL;
 
     operation->alg = 0;
     operation->key_set = 0;
@@ -1378,7 +1378,7 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
                                      mac_size, mac_length ) );
 }
 
-#define MBEDTLS_PSA_MAC_MAX_SIZE                        \
+#define PSA_MAC_MAX_SIZE                                \
     ( MBEDTLS_MD_MAX_SIZE > MBEDTLS_MAX_BLOCK_LENGTH ?  \
       MBEDTLS_MD_MAX_SIZE :                             \
       MBEDTLS_MAX_BLOCK_LENGTH )
@@ -1386,7 +1386,7 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
                              const uint8_t *mac,
                              size_t mac_length )
 {
-    uint8_t actual_mac[MBEDTLS_PSA_MAC_MAX_SIZE];
+    uint8_t actual_mac[PSA_MAC_MAX_SIZE];
     size_t actual_mac_length;
     psa_status_t status;
 
@@ -1453,7 +1453,7 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
     (void) salt;
     (void) salt_length;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_EMPTY_SLOT );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
@@ -1549,7 +1549,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
     (void) salt;
     (void) salt_length;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_INVALID_ARGUMENT );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
@@ -1640,7 +1640,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
     (void) salt_length;
     *output_length = 0;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_INVALID_ARGUMENT );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
@@ -1707,7 +1707,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
     (void) salt_length;
     *output_length = 0;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_EMPTY_SLOT );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
@@ -2059,7 +2059,7 @@ psa_status_t psa_set_key_policy( psa_key_slot_t key,
 {
     key_slot_t *slot;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT || policy == NULL )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT || policy == NULL )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot = &global_data.key_slots[key];
@@ -2083,7 +2083,7 @@ psa_status_t psa_get_key_policy( psa_key_slot_t key,
 {
     key_slot_t *slot;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT || policy == NULL )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT || policy == NULL )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot = &global_data.key_slots[key];
@@ -2104,7 +2104,7 @@ psa_status_t psa_get_key_lifetime( psa_key_slot_t key,
 {
     key_slot_t *slot;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot = &global_data.key_slots[key];
@@ -2119,7 +2119,7 @@ psa_status_t psa_set_key_lifetime( psa_key_slot_t key,
 {
     key_slot_t *slot;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( lifetime != PSA_KEY_LIFETIME_VOLATILE &&
@@ -2413,7 +2413,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 void mbedtls_psa_crypto_free( void )
 {
     size_t key;
-    for( key = 1; key < MBEDTLS_PSA_KEY_SLOT_COUNT; key++ )
+    for( key = 1; key < PSA_KEY_SLOT_COUNT; key++ )
         psa_destroy_key( key );
     mbedtls_ctr_drbg_free( &global_data.ctr_drbg );
     mbedtls_entropy_free( &global_data.entropy );

From 13187931f17cd6dcb43a703319eaa41a704b476f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 19 Jun 2018 11:49:23 +0200
Subject: [PATCH 17/20] Update the PSA crypto-only config.h in configs

The file was derived from an earlier version of Mbed TLS and had not
been updated in a rebase of the PSA branch.
---
 configs/config-psa-crypto.h | 58 +++++++++++++++++++++++++++++++++++--
 1 file changed, 56 insertions(+), 2 deletions(-)

diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h
index 9c4f62aa0..9ae09c9ec 100644
--- a/configs/config-psa-crypto.h
+++ b/configs/config-psa-crypto.h
@@ -398,12 +398,45 @@
 /**
  * \def MBEDTLS_AES_ROM_TABLES
  *
- * Store the AES tables in ROM.
+ * Use precomputed AES tables stored in ROM.
+ *
+ * Uncomment this macro to use precomputed AES tables stored in ROM.
+ * Comment this macro to generate AES tables in RAM at runtime.
+ *
+ * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb
+ * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the
+ * initialization time before the first AES operation can be performed.
+ * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c
+ * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded
+ * performance if ROM access is slower than RAM access.
+ *
+ * This option is independent of \c MBEDTLS_AES_FEWER_TABLES.
  *
- * Uncomment this macro to store the AES tables in ROM.
  */
 //#define MBEDTLS_AES_ROM_TABLES
 
+/**
+ * \def MBEDTLS_AES_FEWER_TABLES
+ *
+ * Use less ROM/RAM for AES tables.
+ *
+ * Uncommenting this macro omits 75% of the AES tables from
+ * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES)
+ * by computing their values on the fly during operations
+ * (the tables are entry-wise rotations of one another).
+ *
+ * Tradeoff: Uncommenting this reduces the RAM / ROM footprint
+ * by ~6kb but at the cost of more arithmetic operations during
+ * runtime. Specifically, one has to compare 4 accesses within
+ * different tables to 4 accesses with additional arithmetic
+ * operations within the same table. The performance gain/loss
+ * depends on the system and memory details.
+ *
+ * This option is independent of \c MBEDTLS_AES_ROM_TABLES.
+ *
+ */
+//#define MBEDTLS_AES_FEWER_TABLES
+
 /**
  * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
  *
@@ -470,6 +503,7 @@
 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_ECP_DP_CURVE448_ENABLED
 
 /**
  * \def MBEDTLS_ECP_NIST_OPTIM
@@ -1704,6 +1738,26 @@
 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO   mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO  mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
 
+/**
+ * Uncomment the macro to let mbed TLS use your alternate implementation of
+ * mbedtls_platform_zeroize(). This replaces the default implementation in
+ * platform_util.c.
+ *
+ * mbedtls_platform_zeroize() is a widely used function across the library to
+ * zero a block of memory. The implementation is expected to be secure in the
+ * sense that it has been written to prevent the compiler from removing calls
+ * to mbedtls_platform_zeroize() as part of redundant code elimination
+ * optimizations. However, it is difficult to guarantee that calls to
+ * mbedtls_platform_zeroize() will not be optimized by the compiler as older
+ * versions of the C language standards do not provide a secure implementation
+ * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
+ * configure their own implementation of mbedtls_platform_zeroize(), for
+ * example by using directives specific to their compiler, features from newer
+ * C standards (e.g using memset_s() in C11) or calling a secure memset() from
+ * their system (e.g explicit_bzero() in BSD).
+ */
+//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
+
 /* \} name SECTION: Customisation configuration options */
 
 #include "mbedtls/check_config.h"

From 1672d1d2e4400ba91d034e1853944dda32a9100a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 19 Jun 2018 11:50:35 +0200
Subject: [PATCH 18/20] Remove features with missing dependencies from config.h

The default config.h omits non-crypto features. Remove some features
that had been accidentally left in but have dependencies that had been
removed.

Also update configs/config-psa-crypto.h to match
include/mbedtls/config.h. They were historically identical but started
diverging when the feature-psa branch was rebased on top of a more
recent upstream.

Now the code builds with the "full" config.
---
 configs/config-psa-crypto.h | 26 --------------------------
 include/mbedtls/config.h    | 26 --------------------------
 2 files changed, 52 deletions(-)

diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h
index 9ae09c9ec..184e1ab64 100644
--- a/configs/config-psa-crypto.h
+++ b/configs/config-psa-crypto.h
@@ -152,13 +152,10 @@
  * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
  * MBEDTLS_PLATFORM_XXX_MACRO!
  *
- * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
- *
  * Uncomment a macro to enable alternate implementation of specific base
  * platform function
  */
 //#define MBEDTLS_PLATFORM_EXIT_ALT
-//#define MBEDTLS_PLATFORM_TIME_ALT
 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
 //#define MBEDTLS_PLATFORM_PRINTF_ALT
 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
@@ -1221,29 +1218,6 @@
  */
 #define MBEDTLS_GCM_C
 
-/**
- * \def MBEDTLS_HAVEGE_C
- *
- * Enable the HAVEGE random generator.
- *
- * Warning: the HAVEGE random generator is not suitable for virtualized
- *          environments
- *
- * Warning: the HAVEGE random generator is dependent on timing and specific
- *          processor traits. It is therefore not advised to use HAVEGE as
- *          your applications primary random generator or primary entropy pool
- *          input. As a secondary input to your entropy pool, it IS able add
- *          the (limited) extra entropy it provides.
- *
- * Module:  library/havege.c
- * Caller:
- *
- * Requires: MBEDTLS_TIMING_C
- *
- * Uncomment to enable the HAVEGE random generator.
- */
-//#define MBEDTLS_HAVEGE_C
-
 /**
  * \def MBEDTLS_HMAC_DRBG_C
  *
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 9f063be72..2ae69911c 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -178,13 +178,10 @@
  * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
  * MBEDTLS_PLATFORM_XXX_MACRO!
  *
- * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
- *
  * Uncomment a macro to enable alternate implementation of specific base
  * platform function
  */
 //#define MBEDTLS_PLATFORM_EXIT_ALT
-//#define MBEDTLS_PLATFORM_TIME_ALT
 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
 //#define MBEDTLS_PLATFORM_PRINTF_ALT
 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
@@ -1395,29 +1392,6 @@
  */
 #define MBEDTLS_GCM_C
 
-/**
- * \def MBEDTLS_HAVEGE_C
- *
- * Enable the HAVEGE random generator.
- *
- * Warning: the HAVEGE random generator is not suitable for virtualized
- *          environments
- *
- * Warning: the HAVEGE random generator is dependent on timing and specific
- *          processor traits. It is therefore not advised to use HAVEGE as
- *          your applications primary random generator or primary entropy pool
- *          input. As a secondary input to your entropy pool, it IS able add
- *          the (limited) extra entropy it provides.
- *
- * Module:  library/havege.c
- * Caller:
- *
- * Requires: MBEDTLS_TIMING_C
- *
- * Uncomment to enable the HAVEGE random generator.
- */
-//#define MBEDTLS_HAVEGE_C
-
 /**
  * \def MBEDTLS_HKDF_C
  *

From 9a9e19f3fb40f164eceed41193bd45875aae2e78 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 19 Jun 2018 11:56:47 +0200
Subject: [PATCH 19/20] Switch default config back to the upstream one + PSA +
 CMAC

Switch the default config.h back to the upstream version, plus the new
feature from this branch MBEDTLS_PSA_CRYPTO_C, plus MBEDTLS_CMAC_C
because it's a features we're using to explore the API design but
that's off by default in Mbed TLS.

Having a crypto-only version saved a bit of developer time, and it's
something we want to ship, but we also need a full build with TLS to
work, and the CI scripts assume that the default build includes TLS.

As a consequence, list-macros.sh no longer needs a special case to
pass check-names.sh.
---
 include/mbedtls/config.h     | 1068 +++++++++++++++++++++++++++++++++-
 tests/scripts/list-macros.sh |    1 -
 2 files changed, 1058 insertions(+), 11 deletions(-)

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 2ae69911c..d3df9eeda 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1,9 +1,11 @@
 /**
- * \file config-psa-crypto.h
+ * \file config.h
  *
- * \brief Configuration with all cryptography features and no X.509 or TLS.
+ * \brief Configuration options (set of defines)
  *
- * This configuration is intended to prototype the PSA reference implementation.
+ *  This set of compile-time options may be used to enable
+ *  or disable features selectively, and reduce the global
+ *  memory footprint.
  */
 /*
  *  Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
@@ -117,6 +119,33 @@
  */
 //#define MBEDTLS_HAVE_SSE2
 
+/**
+ * \def MBEDTLS_HAVE_TIME
+ *
+ * System has time.h and time().
+ * The time does not need to be correct, only time differences are used,
+ * by contrast with MBEDTLS_HAVE_TIME_DATE
+ *
+ * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
+ * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
+ * MBEDTLS_PLATFORM_STD_TIME.
+ *
+ * Comment if your system does not support time functions
+ */
+#define MBEDTLS_HAVE_TIME
+
+/**
+ * \def MBEDTLS_HAVE_TIME_DATE
+ *
+ * System has time.h and time(), gmtime() and the clock is correct.
+ * The time needs to be correct (not necesarily very accurate, but at least
+ * the date should be correct). This is used to verify the validity period of
+ * X.509 certificates.
+ *
+ * Comment if your system does not have a correct clock.
+ */
+#define MBEDTLS_HAVE_TIME_DATE
+
 /**
  * \def MBEDTLS_PLATFORM_MEMORY
  *
@@ -178,10 +207,13 @@
  * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
  * MBEDTLS_PLATFORM_XXX_MACRO!
  *
+ * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
+ *
  * Uncomment a macro to enable alternate implementation of specific base
  * platform function
  */
 //#define MBEDTLS_PLATFORM_EXIT_ALT
+//#define MBEDTLS_PLATFORM_TIME_ALT
 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
 //#define MBEDTLS_PLATFORM_PRINTF_ALT
 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
@@ -225,6 +257,19 @@
  * \{
  */
 
+/**
+ * \def MBEDTLS_TIMING_ALT
+ *
+ * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
+ * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
+ *
+ * Only works if you have MBEDTLS_TIMING_C enabled.
+ *
+ * You will need to provide a header "timing_alt.h" and an implementation at
+ * compile time.
+ */
+//#define MBEDTLS_TIMING_ALT
+
 /**
  * \def MBEDTLS_AES_ALT
  *
@@ -559,6 +604,37 @@
 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 #define MBEDTLS_CIPHER_PADDING_ZEROS
 
+/**
+ * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+ *
+ * Enable weak ciphersuites in SSL / TLS.
+ * Warning: Only do so when you know what you are doing. This allows for
+ * channels with virtually no security at all!
+ *
+ * This enables the following ciphersuites:
+ *      MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
+ *
+ * Uncomment this macro to enable weak ciphersuites
+ *
+ * \warning   DES is considered a weak cipher and its use constitutes a
+ *            security risk. We recommend considering stronger ciphers instead.
+ */
+//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+
+/**
+ * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+ *
+ * Remove RC4 ciphersuites by default in SSL / TLS.
+ * This flag removes the ciphersuites based on RC4 from the default list as
+ * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
+ * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
+ * explicitly.
+ *
+ * Uncomment this macro to remove RC4 ciphersuites by default.
+ */
+#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+
 /**
  * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
  *
@@ -606,6 +682,281 @@
  */
 #define MBEDTLS_ECDSA_DETERMINISTIC
 
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+ *
+ * Enable the PSK based ciphersuite modes in SSL / TLS.
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+ *
+ * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ *
+ * \warning    Using DHE constitutes a security risk as it
+ *             is not possible to validate custom DH parameters.
+ *             If possible, it is recommended users should consider
+ *             preferring other methods of key exchange.
+ *             See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+ *
+ * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+ *
+ * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ *           MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+ *
+ * Enable the RSA-only based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ *           MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ */
+#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+ *
+ * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ *           MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *
+ * \warning    Using DHE constitutes a security risk as it
+ *             is not possible to validate custom DH parameters.
+ *             If possible, it is recommended users should consider
+ *             preferring other methods of key exchange.
+ *             See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+ *
+ * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ *           MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ *
+ * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ *
+ * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+ *
+ * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+ *
+ * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
+ *
+ * \warning This is currently experimental. EC J-PAKE support is based on the
+ * Thread v1.0.0 specification; incompatible changes to the specification
+ * might still happen. For this reason, this is disabled by default.
+ *
+ * Requires: MBEDTLS_ECJPAKE_C
+ *           MBEDTLS_SHA256_C
+ *           MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
+ */
+//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+
 /**
  * \def MBEDTLS_PK_PARSE_EC_EXTENDED
  *
@@ -778,7 +1129,8 @@
 /**
  * \def MBEDTLS_RSA_NO_CRT
  *
- * Do not use the Chinese Remainder Theorem for the RSA private operation.
+ * Do not use the Chinese Remainder Theorem
+ * for the RSA private operation.
  *
  * Uncomment this macro to disable the use of CRT in RSA.
  *
@@ -808,6 +1160,20 @@
  */
 //#define MBEDTLS_SHA256_SMALLER
 
+/**
+ * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
+ *
+ * Enable sending of alert messages in case of encountered errors as per RFC.
+ * If you choose not to send the alert messages, mbed TLS can still communicate
+ * with other servers, only debugging of failures is harder.
+ *
+ * The advantage of not sending alert messages, is that no information is given
+ * about reasons for failures thus preventing adversaries of gaining intel.
+ *
+ * Enable sending of all alert messages
+ */
+#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
+
 /**
  * \def MBEDTLS_SSL_ASYNC_PRIVATE
  *
@@ -819,6 +1185,348 @@
  */
 //#define MBEDTLS_SSL_ASYNC_PRIVATE
 
+/**
+ * \def MBEDTLS_SSL_DEBUG_ALL
+ *
+ * Enable the debug messages in SSL module for all issues.
+ * Debug messages have been disabled in some places to prevent timing
+ * attacks due to (unbalanced) debugging function calls.
+ *
+ * If you need all error reporting you should enable this during debugging,
+ * but remove this for production servers that should log as well.
+ *
+ * Uncomment this macro to report all debug messages on errors introducing
+ * a timing side-channel.
+ *
+ */
+//#define MBEDTLS_SSL_DEBUG_ALL
+
+/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
+ *
+ * Enable support for Encrypt-then-MAC, RFC 7366.
+ *
+ * This allows peers that both support it to use a more robust protection for
+ * ciphersuites using CBC, providing deep resistance against timing attacks
+ * on the padding or underlying cipher.
+ *
+ * This only affects CBC ciphersuites, and is useless if none is defined.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1    or
+ *           MBEDTLS_SSL_PROTO_TLS1_1  or
+ *           MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Encrypt-then-MAC
+ */
+#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
+
+/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+ *
+ * Enable support for Extended Master Secret, aka Session Hash
+ * (draft-ietf-tls-session-hash-02).
+ *
+ * This was introduced as "the proper fix" to the Triple Handshake familiy of
+ * attacks, but it is recommended to always use it (even if you disable
+ * renegotiation), since it actually fixes a more fundamental issue in the
+ * original SSL/TLS design, and has implications beyond Triple Handshake.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1    or
+ *           MBEDTLS_SSL_PROTO_TLS1_1  or
+ *           MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Extended Master Secret.
+ */
+#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+
+/**
+ * \def MBEDTLS_SSL_FALLBACK_SCSV
+ *
+ * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
+ *
+ * For servers, it is recommended to always enable this, unless you support
+ * only one version of TLS, or know for sure that none of your clients
+ * implements a fallback strategy.
+ *
+ * For clients, you only need this if you're using a fallback strategy, which
+ * is not recommended in the first place, unless you absolutely need it to
+ * interoperate with buggy (version-intolerant) servers.
+ *
+ * Comment this macro to disable support for FALLBACK_SCSV
+ */
+#define MBEDTLS_SSL_FALLBACK_SCSV
+
+/**
+ * \def MBEDTLS_SSL_HW_RECORD_ACCEL
+ *
+ * Enable hooking functions in SSL module for hardware acceleration of
+ * individual records.
+ *
+ * Uncomment this macro to enable hooking functions.
+ */
+//#define MBEDTLS_SSL_HW_RECORD_ACCEL
+
+/**
+ * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
+ *
+ * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
+ *
+ * This is a countermeasure to the BEAST attack, which also minimizes the risk
+ * of interoperability issues compared to sending 0-length records.
+ *
+ * Comment this macro to disable 1/n-1 record splitting.
+ */
+#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
+
+/**
+ * \def MBEDTLS_SSL_RENEGOTIATION
+ *
+ * Disable support for TLS renegotiation.
+ *
+ * The two main uses of renegotiation are (1) refresh keys on long-lived
+ * connections and (2) client authentication after the initial handshake.
+ * If you don't need renegotiation, it's probably better to disable it, since
+ * it has been associated with security issues in the past and is easy to
+ * misuse/misunderstand.
+ *
+ * Comment this to disable support for renegotiation.
+ *
+ * \note   Even if this option is disabled, both client and server are aware
+ *         of the Renegotiation Indication Extension (RFC 5746) used to
+ *         prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
+ *         (See \c mbedtls_ssl_conf_legacy_renegotiation for the
+ *          configuration of this extension).
+ *
+ */
+#define MBEDTLS_SSL_RENEGOTIATION
+
+/**
+ * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+ *
+ * Enable support for receiving and parsing SSLv2 Client Hello messages for the
+ * SSL Server module (MBEDTLS_SSL_SRV_C).
+ *
+ * Uncomment this macro to enable support for SSLv2 Client Hello messages.
+ */
+//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+
+/**
+ * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+ *
+ * Pick the ciphersuite according to the client's preferences rather than ours
+ * in the SSL Server module (MBEDTLS_SSL_SRV_C).
+ *
+ * Uncomment this macro to respect client's ciphersuite order
+ */
+//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+
+/**
+ * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+ *
+ * Enable support for RFC 6066 max_fragment_length extension in SSL.
+ *
+ * Comment this macro to disable support for the max_fragment_length extension
+ */
+#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+
+/**
+ * \def MBEDTLS_SSL_PROTO_SSL3
+ *
+ * Enable support for SSL 3.0.
+ *
+ * Requires: MBEDTLS_MD5_C
+ *           MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for SSL 3.0
+ */
+//#define MBEDTLS_SSL_PROTO_SSL3
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1
+ *
+ * Enable support for TLS 1.0.
+ *
+ * Requires: MBEDTLS_MD5_C
+ *           MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for TLS 1.0
+ */
+#define MBEDTLS_SSL_PROTO_TLS1
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1_1
+ *
+ * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
+ *
+ * Requires: MBEDTLS_MD5_C
+ *           MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
+ */
+#define MBEDTLS_SSL_PROTO_TLS1_1
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
+ *
+ * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
+ *           (Depends on ciphersuites)
+ *
+ * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
+ */
+#define MBEDTLS_SSL_PROTO_TLS1_2
+
+/**
+ * \def MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Enable support for DTLS (all available versions).
+ *
+ * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
+ * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1_1
+ *        or MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for DTLS
+ */
+#define MBEDTLS_SSL_PROTO_DTLS
+
+/**
+ * \def MBEDTLS_SSL_ALPN
+ *
+ * Enable support for RFC 7301 Application Layer Protocol Negotiation.
+ *
+ * Comment this macro to disable support for ALPN.
+ */
+#define MBEDTLS_SSL_ALPN
+
+/**
+ * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
+ *
+ * Enable support for the anti-replay mechanism in DTLS.
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ *           MBEDTLS_SSL_PROTO_DTLS
+ *
+ * \warning Disabling this is often a security risk!
+ * See mbedtls_ssl_conf_dtls_anti_replay() for details.
+ *
+ * Comment this to disable anti-replay in DTLS.
+ */
+#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
+
+/**
+ * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
+ *
+ * Enable support for HelloVerifyRequest on DTLS servers.
+ *
+ * This feature is highly recommended to prevent DTLS servers being used as
+ * amplifiers in DoS attacks against other hosts. It should always be enabled
+ * unless you know for sure amplification cannot be a problem in the
+ * environment in which your server operates.
+ *
+ * \warning Disabling this can ba a security risk! (see above)
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Comment this to disable support for HelloVerifyRequest.
+ */
+#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
+
+/**
+ * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+ *
+ * Enable server-side support for clients that reconnect from the same port.
+ *
+ * Some clients unexpectedly close the connection and try to reconnect using the
+ * same source port. This needs special support from the server to handle the
+ * new connection securely, as described in section 4.2.8 of RFC 6347. This
+ * flag enables that support.
+ *
+ * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
+ *
+ * Comment this to disable support for clients reusing the source port.
+ */
+#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+
+/**
+ * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+ *
+ * Enable support for a limit of records with bad MAC.
+ *
+ * See mbedtls_ssl_conf_dtls_badmac_limit().
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ */
+#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+
+/**
+ * \def MBEDTLS_SSL_SESSION_TICKETS
+ *
+ * Enable support for RFC 5077 session tickets in SSL.
+ * Client-side, provides full support for session tickets (maintainance of a
+ * session store remains the responsibility of the application, though).
+ * Server-side, you also need to provide callbacks for writing and parsing
+ * tickets, including authenticated encryption and key management. Example
+ * callbacks are provided by MBEDTLS_SSL_TICKET_C.
+ *
+ * Comment this macro to disable support for SSL session tickets
+ */
+#define MBEDTLS_SSL_SESSION_TICKETS
+
+/**
+ * \def MBEDTLS_SSL_EXPORT_KEYS
+ *
+ * Enable support for exporting key block and master secret.
+ * This is required for certain users of TLS, e.g. EAP-TLS.
+ *
+ * Comment this macro to disable support for key export
+ */
+#define MBEDTLS_SSL_EXPORT_KEYS
+
+/**
+ * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
+ *
+ * Enable support for RFC 6066 server name indication (SNI) in SSL.
+ *
+ * Requires: MBEDTLS_X509_CRT_PARSE_C
+ *
+ * Comment this macro to disable support for server name indication in SSL
+ */
+#define MBEDTLS_SSL_SERVER_NAME_INDICATION
+
+/**
+ * \def MBEDTLS_SSL_TRUNCATED_HMAC
+ *
+ * Enable support for RFC 6066 truncated HMAC in SSL.
+ *
+ * Comment this macro to disable support for truncated HMAC in SSL
+ */
+#define MBEDTLS_SSL_TRUNCATED_HMAC
+
+/**
+ * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
+ *
+ * Fallback to old (pre-2.7), non-conforming implementation of the truncated
+ * HMAC extension which also truncates the HMAC key. Note that this option is
+ * only meant for a transitory upgrade period and is likely to be removed in
+ * a future version of the library.
+ *
+ * \warning The old implementation is non-compliant and has a security weakness
+ *          (2^80 brute force attack on the HMAC key used for a single,
+ *          uninterrupted connection). This should only be enabled temporarily
+ *          when (1) the use of truncated HMAC is essential in order to save
+ *          bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use
+ *          the fixed implementation yet (pre-2.7).
+ *
+ * \deprecated This option is deprecated and will likely be removed in a
+ *             future version of Mbed TLS.
+ *
+ * Uncomment to fallback to old, non-compliant truncated HMAC implementation.
+ *
+ * Requires: MBEDTLS_SSL_TRUNCATED_HMAC
+ */
+//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
+
 /**
  * \def MBEDTLS_THREADING_ALT
  *
@@ -854,6 +1562,89 @@
  */
 #define MBEDTLS_VERSION_FEATURES
 
+/**
+ * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an extension in a v1 or v2 certificate.
+ *
+ * Uncomment to prevent an error.
+ */
+//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+
+/**
+ * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an unknown critical extension.
+ *
+ * \warning Depending on your PKI use, enabling this can be a security risk!
+ *
+ * Uncomment to prevent an error.
+ */
+//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+
+/**
+ * \def MBEDTLS_X509_CHECK_KEY_USAGE
+ *
+ * Enable verification of the keyUsage extension (CA and leaf certificates).
+ *
+ * Disabling this avoids problems with mis-issued and/or misused
+ * (intermediate) CA and leaf certificates.
+ *
+ * \warning Depending on your PKI use, disabling this can be a security risk!
+ *
+ * Comment to skip keyUsage checking for both CA and leaf certificates.
+ */
+#define MBEDTLS_X509_CHECK_KEY_USAGE
+
+/**
+ * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+ *
+ * Enable verification of the extendedKeyUsage extension (leaf certificates).
+ *
+ * Disabling this avoids problems with mis-issued and/or misused certificates.
+ *
+ * \warning Depending on your PKI use, disabling this can be a security risk!
+ *
+ * Comment to skip extendedKeyUsage checking for certificates.
+ */
+#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+
+/**
+ * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
+ *
+ * Enable parsing and verification of X.509 certificates, CRLs and CSRS
+ * signed with RSASSA-PSS (aka PKCS#1 v2.1).
+ *
+ * Comment this macro to disallow using RSASSA-PSS in certificates.
+ */
+#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
+
+/**
+ * \def MBEDTLS_ZLIB_SUPPORT
+ *
+ * If set, the SSL/TLS module uses ZLIB to support compression and
+ * decompression of packet data.
+ *
+ * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
+ * CRIME attack. Before enabling this option, you should examine with care if
+ * CRIME or similar exploits may be a applicable to your use case.
+ *
+ * \note Currently compression can't be used with DTLS.
+ *
+ * \deprecated This feature is deprecated and will be removed
+ *             in the next major revision of the library.
+ *
+ * Used in: library/ssl_tls.c
+ *          library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * This feature requires zlib library and headers to be present.
+ *
+ * Uncomment to enable use of ZLIB
+ */
+//#define MBEDTLS_ZLIB_SUPPORT
 /* \} name SECTION: mbed TLS feature support */
 
 /**
@@ -1238,6 +2029,20 @@
  */
 #define MBEDTLS_CTR_DRBG_C
 
+/**
+ * \def MBEDTLS_DEBUG_C
+ *
+ * Enable the debug functions.
+ *
+ * Module:  library/debug.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *
+ * This module provides debugging functions.
+ */
+#define MBEDTLS_DEBUG_C
+
 /**
  * \def MBEDTLS_DES_C
  *
@@ -1336,7 +2141,7 @@
  *
  * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
  */
-#define MBEDTLS_ECJPAKE_C
+//#define MBEDTLS_ECJPAKE_C
 
 /**
  * \def MBEDTLS_ECP_C
@@ -1392,6 +2197,29 @@
  */
 #define MBEDTLS_GCM_C
 
+/**
+ * \def MBEDTLS_HAVEGE_C
+ *
+ * Enable the HAVEGE random generator.
+ *
+ * Warning: the HAVEGE random generator is not suitable for virtualized
+ *          environments
+ *
+ * Warning: the HAVEGE random generator is dependent on timing and specific
+ *          processor traits. It is therefore not advised to use HAVEGE as
+ *          your applications primary random generator or primary entropy pool
+ *          input. As a secondary input to your entropy pool, it IS able add
+ *          the (limited) extra entropy it provides.
+ *
+ * Module:  library/havege.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_TIMING_C
+ *
+ * Uncomment to enable the HAVEGE random generator.
+ */
+//#define MBEDTLS_HAVEGE_C
+
 /**
  * \def MBEDTLS_HKDF_C
  *
@@ -1461,7 +2289,7 @@
  *            it, and considering stronger message digests instead.
  *
  */
-#define MBEDTLS_MD2_C
+//#define MBEDTLS_MD2_C
 
 /**
  * \def MBEDTLS_MD4_C
@@ -1478,7 +2306,7 @@
  *            it, and considering stronger message digests instead.
  *
  */
-#define MBEDTLS_MD4_C
+//#define MBEDTLS_MD4_C
 
 /**
  * \def MBEDTLS_MD5_C
@@ -1518,6 +2346,25 @@
  */
 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
 
+/**
+ * \def MBEDTLS_NET_C
+ *
+ * Enable the TCP and UDP over IPv6/IPv4 networking routines.
+ *
+ * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
+ * and Windows. For other platforms, you'll want to disable it, and write your
+ * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
+ *
+ * \note See also our Knowledge Base article about porting to a new
+ * environment:
+ * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
+ *
+ * Module:  library/net_sockets.c
+ *
+ * This module provides networking routines.
+ */
+#define MBEDTLS_NET_C
+
 /**
  * \def MBEDTLS_OID_C
  *
@@ -1553,7 +2400,7 @@
  *
  * This modules adds support for the VIA PadLock on x86.
  */
-//#define MBEDTLS_PADLOCK_C
+#define MBEDTLS_PADLOCK_C
 
 /**
  * \def MBEDTLS_PEM_PARSE_C
@@ -1804,6 +2651,84 @@
  */
 #define MBEDTLS_SHA512_C
 
+/**
+ * \def MBEDTLS_SSL_CACHE_C
+ *
+ * Enable simple SSL cache implementation.
+ *
+ * Module:  library/ssl_cache.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_CACHE_C
+ */
+#define MBEDTLS_SSL_CACHE_C
+
+/**
+ * \def MBEDTLS_SSL_COOKIE_C
+ *
+ * Enable basic implementation of DTLS cookies for hello verification.
+ *
+ * Module:  library/ssl_cookie.c
+ * Caller:
+ */
+#define MBEDTLS_SSL_COOKIE_C
+
+/**
+ * \def MBEDTLS_SSL_TICKET_C
+ *
+ * Enable an implementation of TLS server-side callbacks for session tickets.
+ *
+ * Module:  library/ssl_ticket.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_CIPHER_C
+ */
+#define MBEDTLS_SSL_TICKET_C
+
+/**
+ * \def MBEDTLS_SSL_CLI_C
+ *
+ * Enable the SSL/TLS client code.
+ *
+ * Module:  library/ssl_cli.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ *
+ * This module is required for SSL/TLS client support.
+ */
+#define MBEDTLS_SSL_CLI_C
+
+/**
+ * \def MBEDTLS_SSL_SRV_C
+ *
+ * Enable the SSL/TLS server code.
+ *
+ * Module:  library/ssl_srv.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ *
+ * This module is required for SSL/TLS server support.
+ */
+#define MBEDTLS_SSL_SRV_C
+
+/**
+ * \def MBEDTLS_SSL_TLS_C
+ *
+ * Enable the generic SSL/TLS code.
+ *
+ * Module:  library/ssl_tls.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
+ *           and at least one of the MBEDTLS_SSL_PROTO_XXX defines
+ *
+ * This module is required for SSL/TLS.
+ */
+#define MBEDTLS_SSL_TLS_C
+
 /**
  * \def MBEDTLS_THREADING_C
  *
@@ -1826,6 +2751,29 @@
  */
 //#define MBEDTLS_THREADING_C
 
+/**
+ * \def MBEDTLS_TIMING_C
+ *
+ * Enable the semi-portable timing interface.
+ *
+ * \note The provided implementation only works on POSIX/Unix (including Linux,
+ * BSD and OS X) and Windows. On other platforms, you can either disable that
+ * module and provide your own implementations of the callbacks needed by
+ * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
+ * your own implementation of the whole module by setting
+ * \c MBEDTLS_TIMING_ALT in the current file.
+ *
+ * \note See also our Knowledge Base article about porting to a new
+ * environment:
+ * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
+ *
+ * Module:  library/timing.c
+ * Caller:  library/havege.c
+ *
+ * This module is used by the HAVEGE random number generator.
+ */
+#define MBEDTLS_TIMING_C
+
 /**
  * \def MBEDTLS_VERSION_C
  *
@@ -1837,6 +2785,106 @@
  */
 #define MBEDTLS_VERSION_C
 
+/**
+ * \def MBEDTLS_X509_USE_C
+ *
+ * Enable X.509 core for using certificates.
+ *
+ * Module:  library/x509.c
+ * Caller:  library/x509_crl.c
+ *          library/x509_crt.c
+ *          library/x509_csr.c
+ *
+ * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
+ *           MBEDTLS_PK_PARSE_C
+ *
+ * This module is required for the X.509 parsing modules.
+ */
+#define MBEDTLS_X509_USE_C
+
+/**
+ * \def MBEDTLS_X509_CRT_PARSE_C
+ *
+ * Enable X.509 certificate parsing.
+ *
+ * Module:  library/x509_crt.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is required for X.509 certificate parsing.
+ */
+#define MBEDTLS_X509_CRT_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CRL_PARSE_C
+ *
+ * Enable X.509 CRL parsing.
+ *
+ * Module:  library/x509_crl.c
+ * Caller:  library/x509_crt.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is required for X.509 CRL parsing.
+ */
+#define MBEDTLS_X509_CRL_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CSR_PARSE_C
+ *
+ * Enable X.509 Certificate Signing Request (CSR) parsing.
+ *
+ * Module:  library/x509_csr.c
+ * Caller:  library/x509_crt_write.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is used for reading X.509 certificate request.
+ */
+#define MBEDTLS_X509_CSR_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CREATE_C
+ *
+ * Enable X.509 core for creating certificates.
+ *
+ * Module:  library/x509_create.c
+ *
+ * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
+ *
+ * This module is the basis for creating X.509 certificates and CSRs.
+ */
+#define MBEDTLS_X509_CREATE_C
+
+/**
+ * \def MBEDTLS_X509_CRT_WRITE_C
+ *
+ * Enable creating X.509 certificates.
+ *
+ * Module:  library/x509_crt_write.c
+ *
+ * Requires: MBEDTLS_X509_CREATE_C
+ *
+ * This module is required for X.509 certificate creation.
+ */
+#define MBEDTLS_X509_CRT_WRITE_C
+
+/**
+ * \def MBEDTLS_X509_CSR_WRITE_C
+ *
+ * Enable creating X.509 Certificate Signing Requests (CSR).
+ *
+ * Module:  library/x509_csr_write.c
+ *
+ * Requires: MBEDTLS_X509_CREATE_C
+ *
+ * This module is required for X.509 certificate request writing.
+ */
+#define MBEDTLS_X509_CSR_WRITE_C
+
 /**
  * \def MBEDTLS_XTEA_C
  *
@@ -2067,7 +3115,7 @@
 /* \} name SECTION: Customisation configuration options */
 
 /* Target and application specific configurations */
-//#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "target_config.h"
+//#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "mbedtls/target_config.h"
 
 #if defined(TARGET_LIKE_MBED) && defined(YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE)
 #include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE
@@ -2086,6 +3134,6 @@
 #include MBEDTLS_USER_CONFIG_FILE
 #endif
 
-#include "mbedtls/check_config.h"
+#include "check_config.h"
 
 #endif /* MBEDTLS_CONFIG_H */
diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh
index 34d909517..3c84adba6 100755
--- a/tests/scripts/list-macros.sh
+++ b/tests/scripts/list-macros.sh
@@ -8,7 +8,6 @@ if [ -d include/mbedtls ]; then :; else
 fi
 
 HEADERS=$( ls include/mbedtls/*.h | egrep -v 'compat-1\.3\.h' )
-HEADERS="$HEADERS configs/config-default.h"
 
 sed -n -e 's/.*#define \([a-zA-Z0-9_]*\).*/\1/p' $HEADERS \
     | egrep -v '^(asm|inline|EMIT|_CRT_SECURE_NO_DEPRECATE)$|^MULADDC_' \

From e3b07d81d6bf52203cfbb5ed7b98f8e6ede942a2 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 19 Jun 2018 11:57:35 +0200
Subject: [PATCH 20/20] Fix build without CMAC

Add missing guard for MBEDTLS_CMAC_C.
---
 library/psa_crypto.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 1de19555f..e41e51287 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1065,6 +1065,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
     return( PSA_SUCCESS );
 }
 
+#if defined(MBEDTLS_CMAC_C)
 static int psa_cmac_start( psa_mac_operation_t *operation,
                            size_t key_bits,
                            key_slot_t *slot,
@@ -1085,6 +1086,7 @@ static int psa_cmac_start( psa_mac_operation_t *operation,
                                       key_bits );
     return( ret );
 }
+#endif /* MBEDTLS_CMAC_C */
 
 static int psa_hmac_start( psa_mac_operation_t *operation,
                            psa_key_type_t key_type,